info: description: VMware NSX-T Data Center Policy REST API title: NSX-T Data Center Policy API version: 3.2.0.0.0 schemes: - https produces: - application/json securityDefinitions: BasicAuth: description: HTTP Basic Authentication type: basic host: nsxmanager.your.domain security: - BasicAuth: [] swagger: '2.0' basePath: /policy/api/v1 paths: /aaa/effective-permissions: get: consumes: - application/json description: | Returns none if user doesn't have access or feature_name from required request parameter is empty/invalid/doesn't match with object-path provided. operationId: GetPathPermissions parameters: - description: Feature name in: query name: feature_name required: true type: string - description: Exact object Policy path in: query name: object_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PathPermissionGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get effective object permissions to object specified by path for current user. tags: - System Administration - Settings - User Management - Authorization - Object Permissions x-vmw-nsx-module: PolicyAuthz /aaa/features-with-properties: get: consumes: - application/json description: | List features operationId: ListFeatures produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FeaturePermissionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List feature permissions tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA /aaa/ldap-identity-sources: get: consumes: - application/json description: |- Return a list of all configured LDAP identity sources. operationId: ListLdapIdentitySources parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LdapIdentitySourceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List LDAP identity sources tags: - System Administration - Settings - User Management - LDAP Identity Sources x-vmw-nsx-module: LdapIdentitySources /aaa/ldap-identity-sources/{ldap-identity-source-id}: delete: consumes: - application/json description: |- Delete an LDAP identity source. Users defined in that source will no longer be able to access NSX. operationId: DeleteLdapIdentitySource parameters: - in: path name: ldap-identity-source-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete an LDAP identity source tags: - System Administration - Settings - User Management - LDAP Identity Sources x-vmw-nsx-module: LdapIdentitySources get: consumes: - application/json description: |- Return details about one LDAP identity source operationId: ReadLdapIdentitySource parameters: - in: path name: ldap-identity-source-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LdapIdentitySource' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a single LDAP identity source tags: - System Administration - Settings - User Management - LDAP Identity Sources x-vmw-nsx-module: LdapIdentitySources put: consumes: - application/json description: |- Update the configuration of an existing LDAP identity source. You may wish to verify the new configuration using the POST /aaa/ldap-identity-sources?action=probe API before changing the configuration. Note that if you are using LDAP on an active and standby NSX-T Global Manager in a federated environment, you must use the same name for your LDAP identity sources on the active and standby Global Managers. operationId: CreateOrUpdateLdapIdentitySource parameters: - in: path name: ldap-identity-source-id required: true type: string - in: body name: LdapIdentitySource required: true schema: $ref: '#/definitions/LdapIdentitySource' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LdapIdentitySource' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update an existing LDAP identity source tags: - System Administration - Settings - User Management - LDAP Identity Sources x-vmw-nsx-module: LdapIdentitySources /aaa/ldap-identity-sources/{ldap-identity-source-id}/search: post: consumes: - application/json description: |- Search the LDAP identity source for users and groups that match the given filter_value. In most cases, the LDAP source performs a case-insensitive search. operationId: SearchLdapIdentitySource parameters: - in: path name: ldap-identity-source-id required: true type: string - description: Search filter value in: query name: filter_value required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LdapIdentitySourceSearchResultList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Search the LDAP identity source tags: - System Administration - Settings - User Management - LDAP Identity Sources x-vmw-nsx-module: LdapIdentitySources /aaa/ldap-identity-sources/{ldap-identity-source-id}?action=probe: post: consumes: - application/json description: |- Attempt to connect to an existing LDAP identity source and report any errors encountered. operationId: ProbeConfiguredLdapIdentitySource parameters: - in: path name: ldap-identity-source-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LdapIdentitySourceProbeResults' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Test the configuration of an existing LDAP identity source tags: - System Administration - Settings - User Management - LDAP Identity Sources x-vmw-nsx-module: LdapIdentitySources /aaa/ldap-identity-sources?action=fetch_certificate: post: consumes: - application/json description: |- Attempt to connect to an LDAP server and retrieve the server certificate it presents. operationId: FetchIdentitySourceLdapServerCertificate parameters: - in: body name: IdentitySourceLdapServerEndpoint required: true schema: $ref: '#/definitions/IdentitySourceLdapServerEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PeerCertificateChain' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Fetch the server certificate of an LDAP server tags: - System Administration - Settings - User Management - LDAP Identity Sources x-vmw-nsx-module: LdapIdentitySources /aaa/ldap-identity-sources?action=probe_identity_source: post: consumes: - application/json description: |- Verify that the configuration of an LDAP identity source is correct before actually creating the source. operationId: ProbeUnconfiguredLdapIdentitySource parameters: - in: body name: LdapIdentitySource required: true schema: $ref: '#/definitions/LdapIdentitySource' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LdapIdentitySourceProbeResults' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Probe an LDAP identity source tags: - System Administration - Settings - User Management - LDAP Identity Sources x-vmw-nsx-module: LdapIdentitySources /aaa/ldap-identity-sources?action=probe_ldap_server: post: consumes: - application/json description: |- Attempt to connect to an LDAP server and ensure that the server can be contacted using the given URL and authentication credentials. operationId: ProbeIdentitySourceLdapServer parameters: - in: body name: IdentitySourceLdapServer required: true schema: $ref: '#/definitions/IdentitySourceLdapServer' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdentitySourceLdapServerProbeResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Test an LDAP server tags: - System Administration - Settings - User Management - LDAP Identity Sources x-vmw-nsx-module: LdapIdentitySources /aaa/object-permissions: delete: consumes: - application/json description: |- Delete object-permissions entries operationId: DeleteObjectPermissions parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: false description: Does children of this object inherit this rule in: query name: inheritance_disabled required: false type: boolean - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Path prefix in: query name: path_prefix required: false type: string - description: Role name in: query name: role_name required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete object-permissions entries tags: - System Administration - Settings - User Management - Authorization - Object Permissions x-vmw-nsx-module: PolicyAuthz get: consumes: - application/json description: |- Get list of Object-level RBAC entries. operationId: GetObjectPermissions parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: false description: Does children of this object inherit this rule in: query name: inheritance_disabled required: false type: boolean - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Path prefix in: query name: path_prefix required: false type: string - description: Role name in: query name: role_name required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ObjectRolePermissionGroupListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get list of Object-level RBAC entries. tags: - System Administration - Settings - User Management - Authorization - Object Permissions x-vmw-nsx-module: PolicyAuthz patch: consumes: - application/json description: |- Create/update object permission mappings operationId: UpdateObjectPermissions parameters: - in: body name: ObjectRolePermissionGroup required: true schema: $ref: '#/definitions/ObjectRolePermissionGroup' produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create/update object permission mappings tags: - System Administration - Settings - User Management - Authorization - Object Permissions x-vmw-nsx-module: PolicyAuthz /aaa/registration-token: post: consumes: - application/json description: |- The privileges of the registration token will be the same as the caller. operationId: CreateRegistrationToken produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RegistrationToken' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create registration access token tags: - System Administration - Settings - User Management - Access Token x-vmw-nsx-module: RegistrationTokenEndPoint /aaa/registration-token/{token}: delete: consumes: - application/json description: |- Delete registration access token operationId: DeleteRegistrationToken parameters: - description: |- Registration token in: path name: token required: true type: string produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete registration access token tags: - System Administration - Settings - User Management - Access Token x-vmw-nsx-module: RegistrationTokenEndPoint get: consumes: - application/json description: |- Get registration access token operationId: GetRegistrationToken parameters: - description: |- Registration token in: path name: token required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RegistrationToken' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get registration access token tags: - System Administration - Settings - User Management - Access Token x-vmw-nsx-module: RegistrationTokenEndPoint /aaa/role-bindings: get: consumes: - application/json description: | Get all users and groups with their roles. operationId: GetAllRoleBindings parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Identity source ID in: query name: identity_source_id required: false type: string - description: Identity source type enum: - VIDM - LDAP - OIDC in: query name: identity_source_type required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: User/Group name in: query name: name required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Role ID in: query name: role required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Type enum: - remote_user - remote_group - local_user - principal_identity in: query name: type required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoleBindingListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get all users and groups with their roles tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA post: consumes: - application/json description: | This API is used to assign a user/group any role(s) of choice. User has union of all the roles assigned to it. User name is dealt case-insensitively. operationId: CreateRoleBinding parameters: - in: body name: RoleBinding required: true schema: $ref: '#/definitions/RoleBinding' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoleBinding' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Assign roles to User or Group tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA /aaa/role-bindings/{binding-id}: delete: consumes: - application/json description: | Delete the user/group's role assignment. operationId: DeleteRoleBinding parameters: - description: |- User/Group's id in: path name: binding-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Identity source ID in: query name: identity_source_id required: false type: string - description: Identity source type enum: - VIDM - LDAP - OIDC in: query name: identity_source_type required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: User/Group name in: query name: name required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Role ID in: query name: role required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Type enum: - remote_user - remote_group - local_user - principal_identity in: query name: type required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete user/group's roles assignment tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA get: consumes: - application/json description: |- Get user/group's role information operationId: GetRoleBinding parameters: - description: |- User/Group's id in: path name: binding-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Identity source ID in: query name: identity_source_id required: false type: string - description: Identity source type enum: - VIDM - LDAP - OIDC in: query name: identity_source_type required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: User/Group name in: query name: name required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Role ID in: query name: role required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Type enum: - remote_user - remote_group - local_user - principal_identity in: query name: type required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoleBinding' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get user/group's role information tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA put: consumes: - application/json description: | This API is used to update a user/group any role(s) of choice. User name is dealt case-insensitively. operationId: UpdateRoleBinding parameters: - description: |- User/Group's id in: path name: binding-id required: true type: string - in: body name: RoleBinding required: true schema: $ref: '#/definitions/RoleBinding' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoleBinding' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update User or Group's roles tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA /aaa/role-bindings?action=delete_stale_bindings: post: consumes: - application/json description: |- Delete all stale role assignments operationId: DeleteAllStaleRoleBindings parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Identity source ID in: query name: identity_source_id required: false type: string - description: Identity source type enum: - VIDM - LDAP - OIDC in: query name: identity_source_type required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: User/Group name in: query name: name required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Role ID in: query name: role required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Type enum: - remote_user - remote_group - local_user - principal_identity in: query name: type required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete all stale role assignments tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA /aaa/roles: get: consumes: - application/json description: |- Get information about all roles operationId: GetAllRolesInfo produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get information about all roles tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA /aaa/roles-with-feature-permissions: get: consumes: - application/json description: |- Get information about all roles with features and their permissions operationId: ListRolesInfo parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoleWithFeaturesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get information about all roles with features and their permissions tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA /aaa/roles/{role}: delete: consumes: - application/json description: | If a role is assigned to a role binding then the deletion of the role is not allowed. Precanned roles cannot be deleted. operationId: DeleteRole parameters: - description: |- Custom role id in: path name: role required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete custom role tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA get: consumes: - application/json description: |- Get role information operationId: GetRoleInfo parameters: - description: |- Role id in: path name: role required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoleWithFeatures' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get role information tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA put: consumes: - application/json description: | Creates a new role with id as <role> if there does not exist any role with id <role>, else updates the existing role. operationId: CreateOrUpdateRole parameters: - description: |- Custom role id in: path name: role required: true type: string - in: body name: RoleWithFeatures required: true schema: $ref: '#/definitions/RoleWithFeatures' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoleWithFeatures' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update custom role tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA /aaa/roles/{role}?action=clone: post: consumes: - application/json description: | The role with id <role> is cloned and the new id, name and description are the ones provided in the request body. operationId: CloneRole parameters: - description: |- Role id in: path name: role required: true type: string - in: body name: NewRole required: true schema: $ref: '#/definitions/NewRole' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/NewRole' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Clone an already present role tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA /aaa/roles?action=validate: post: consumes: - application/json description: | Validate the permissions of an incoming role. Also, recommend the permissions which need to be corrected. operationId: ValidateAndRecommendPermissions parameters: - in: body name: FeaturePermissionArray required: true schema: $ref: '#/definitions/FeaturePermissionArray' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RecommendedFeaturePermissionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Validate a new feature permission set tags: - System Administration - Settings - User Management - Roles x-vmw-nsx-module: AAA /aaa/user-info: get: consumes: - application/json description: | This API will return the name and role information of the user invoking this API request. This API is available for all NSX users no matter their authentication method (Local account, VIDM, LDAP etc). operationId: GetCurrentUserInfo parameters: - description: Prefix path of the context in: query name: root_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/UserInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the name and role information of the user. tags: - System Administration - Settings - User Management - Users x-vmw-nsx-module: AAA /aaa/vidm/groups: get: consumes: - application/json description: |- Get all the User Groups where vIDM display name matches the search key case insensitively. The search key is checked to be a substring of display name. This is a non paginated API. This API will return as many results that vIDM returns to NSX during the search query. vIDM may not send all results at once so to zero in on the group of interest more characters need to be entered. operationId: GetGroupVidmSearchResult parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: 'Search string to search for. ' in: query name: search_string required: true type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VidmInfoListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get all the User Groups where vIDM display name matches the search key case insensitively. The search key is checked to be a substring of display name. This is a non paginated API. This API will return as many results that vIDM returns to NSX during the search query. vIDM may not send all results at once so to zero in on the group of interest more characters need to be entered. tags: - System Administration - Settings - User Management - VIDM Configuration x-vmw-nsx-module: AAA /aaa/vidm/search: post: consumes: - application/json description: |- Get all the users and groups from vIDM matching the search key case insensitively. The search key is checked to be a substring of name or given name or family name of user and display name of group. This is a non paginated API. This API will return as many results that vIDM returns to NSX during the search query. vIDM may not send all results at once so to zero in on the user/group of interest more characters need to be entered. operationId: GetVidmSearchResult parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: 'Search string to search for. ' in: query name: search_string required: true type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VidmInfoListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get all the users and groups from vIDM matching the search key case insensitively. The search key is checked to be a substring of name or given name or family name of user and display name of group. This is a non paginated API. This API will return as many results that vIDM returns to NSX during the search query. vIDM may not send all results at once so to zero in on the user/group of interest more characters need to be entered. tags: - System Administration - Settings - User Management - VIDM Configuration x-vmw-nsx-module: AAA /aaa/vidm/users: get: consumes: - application/json description: |- Get all the users from vIDM whose userName, givenName or familyName matches the search key case insensitively. The search key is checked to be a substring of name or given name or family name. This is a non paginated API. This API will return as many results that vIDM returns to NSX during the search query. vIDM may not send all results at once so to zero in on the user of interest more characters need to be entered. operationId: GetUserVidmSearchResult parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: 'Search string to search for. ' in: query name: search_string required: true type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VidmInfoListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get all the users from vIDM whose userName, givenName or familyName matches the search key case insensitively. The search key is checked to be a substring of name or given name or family name. This is a non paginated API. This API will return as many results that vIDM returns to NSX during the search query. vIDM may not send all results at once so to zero in on the user of interest more characters need to be entered. tags: - System Administration - Settings - User Management - VIDM Configuration x-vmw-nsx-module: AAA /alb/controller-nodes/cluster: get: consumes: - application/json description: | Returns information about Advanced Load Balancer controller cluster status operationId: ListALBControllerClusterInfo produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBControllerClusterInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns information for Advanced Load Balancer controller cluster tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Cluster x-vmw-nsx-module: PolicyALBControllerDeployment put: consumes: - application/json description: | Re-trigger clustering for Advanced Load Balancer Nodes. operationId: RetriggerClustering produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBControllerClusterTrigger' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Re-trigger clustering for Advanced Load Balancer Nodes. tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Cluster x-vmw-nsx-module: PolicyALBControllerDeployment /alb/controller-nodes/clusterconfig: get: consumes: - application/json description: | Returns cluster configuration for the Advanced Load Balancer controller cluster. operationId: ReadALBControllerNodeClusterConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBControllerNodeVMClusterConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns info for of the cluster configuration for the Advanced Load Balancer controller cluster tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Cluster Config x-vmw-nsx-module: PolicyALBControllerDeployment post: consumes: - application/json description: | Set the cluster configuration for Advanced Load Balancer controller cluster. operationId: AddALBControllerNodeClusterConfig parameters: - in: body name: ALBControllerNodeVMClusterConfig required: true schema: $ref: '#/definitions/ALBControllerNodeVMClusterConfig' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/ALBControllerNodeVMClusterConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Set the cluster configuration for the Advanced Load Balancer controller VM. The VIP can be set once. Attempting to change the VIP once set will return an error. tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Cluster Config x-vmw-nsx-module: PolicyALBControllerDeployment /alb/controller-nodes/deployments: get: consumes: - application/json description: | Returns request information for every attempted deployment of a cluster node VM. operationId: ListALBControllerNodeVMDeploymentRequests parameters: - description: the current state of the Advanced Load Balancer controller VM enum: - DEPLOYED - PENDING in: query name: state type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBControllerNodeVMDeploymentRequestList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns info for all cluster node VM auto-deployment attempts tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Deployments x-vmw-nsx-module: PolicyALBControllerDeployment post: consumes: - application/json description: | Deploys a Advanced Load Balancer controller node VM as specified by the deployment config. operationId: AddALBControllerNodeVM parameters: - in: body name: AddALBControllerNodeVMInfo required: true schema: $ref: '#/definitions/AddALBControllerNodeVMInfo' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/ALBControllerNodeVMDeploymentRequestList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Deploy and register a Advanced Load Balancer controller node VM tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Deployments x-vmw-nsx-module: PolicyALBControllerDeployment /alb/controller-nodes/deployments/{node-id}: get: consumes: - application/json description: | Returns deployment request information for a specific attempted deployment of a cluster node VM. operationId: ReadALBControllerNodeVMDeploymentRequest parameters: - in: path name: node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBControllerNodeVMDeploymentRequest' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns info for a Advanced Load Balancer controller deployment attempt tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Deployments x-vmw-nsx-module: PolicyALBControllerDeployment put: consumes: - application/json description: | Update Advanced Load Balancer Controller node VM details operationId: UpdateALBControllerNodeVMDeploymentRequest parameters: - in: path name: node-id required: true type: string - in: body name: ALBControllerNodeVMDeploymentRequest required: true schema: $ref: '#/definitions/ALBControllerNodeVMDeploymentRequest' - description: Update Advanced Load Balancer Controller runtime config as well in: query name: running_config type: boolean produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/ALBControllerNodeVMDeploymentRequest' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update a Advanced Load Balancer controller cluster node VM. Only updating password, ntp and dns servers are supported. If controller is in a cluster then all nodes in the cluster are updated with the provided values tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Deployments x-vmw-nsx-module: PolicyALBControllerDeployment /alb/controller-nodes/deployments/{node-id}/status: get: consumes: - application/json description: | Returns the current deployment or undeployment status for a VM along with any other relevant current information, such as error messages. operationId: ReadALBControllerNodeVMDeploymentStatus parameters: - in: path name: node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBControllerNodeVMDeploymentStatusReport' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns the status of the VM creation/deletion tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Deployments x-vmw-nsx-module: PolicyALBControllerDeployment /alb/controller-nodes/deployments/{node-id}?action=delete: post: consumes: - application/json description: | Attempts to unregister and undeploy a specified auto-deployed cluster node VM. If it is a member of a cluster, then the VM will be automatically detached from the cluster before being unregistered and undeployed. Alternatively, if the original deployment attempt failed or the VM is not found, cleans up the deployment information associated with the deployment attempt. Note: If a VM has been successfully auto-deployed, then the associated deployment information will not be deleted unless and until the VM is successfully deleted. operationId: DeleteAutoDeployedALBControllerNodeVM parameters: - in: path name: node-id required: true type: string - description: Delete by force in: query name: force_delete type: boolean - description: Delete when controller is inaccessible in: query name: inaccessible type: string responses: '202': description: Accepted '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Attempt to delete an auto-deployed Advanced Load Balancer controller node tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Deployments x-vmw-nsx-module: PolicyALBControllerDeployment /alb/controller-nodes/form-factors: get: consumes: - application/json description: | Returns information about all form factors available for Advanced Load Balancer controller nodes. operationId: ListALBControllerFormFactors produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBControllerNodeFormFactors' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List available Advanced Load Balancer controller form factors tags: - System Administration - Configuration - NSX Advanced Load Balancer - Controller - Form Factors x-vmw-nsx-module: PolicyALBControllerDeployment /batch: post: consumes: - application/json description: | Enables you to make multiple API requests using a single request. The batch API takes in an array of logical HTTP requests represented as JSON arrays. Each request has a method (GET, PUT, POST, or DELETE), a relative_url (the portion of the URL after https://<nsx-mgr>/api/), optional headers array (corresponding to HTTP headers) and an optional body (for POST and PUT requests). The batch API returns an array of logical HTTP responses represented as JSON arrays. Each response has a status code, an optional headers array and an optional body (which is a JSON-encoded string). operationId: RegisterBatchRequest parameters: - in: body name: BatchRequest required: true schema: $ref: '#/definitions/BatchRequest' - default: false description: Ignored (transactional atomicity flag) in: query name: atomic required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BatchResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Register a Collection of API Calls at a Single End Point tags: - System Administration - Configuration - NSX Managers - API Services - API Request Batching x-vmw-nsx-module: Batch /cluster/backups/config: get: consumes: - application/json description: | Get a configuration of a file server and timers for automated backup. Fields that contain secrets (password, passphrase) are not returned. operationId: GetBackupConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BackupConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get backup configuration tags: - System Administration - Lifecycle Management - Backup Restore Management - Backup x-vmw-nsx-module: BackupConfiguration put: consumes: - application/json description: | Configure file server and timers for automated backup. If secret fields are omitted (password, passphrase) then use the previously set value. operationId: ConfigureBackupConfig parameters: - in: body name: BackupConfiguration required: true schema: $ref: '#/definitions/BackupConfiguration' - default: LOCAL_LOCAL_MANAGER description: Frame type enum: - GLOBAL_MANAGER - LOCAL_MANAGER - LOCAL_LOCAL_MANAGER - NSX_INTELLIGENCE in: query name: frame_type required: false type: string - default: localhost description: Site ID in: query name: site_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BackupConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Configure backup tags: - System Administration - Lifecycle Management - Backup Restore Management - Backup x-vmw-nsx-module: BackupConfiguration /cluster/backups/history: get: consumes: - application/json description: | Get history of previous backup operations operationId: GetBackupHistory produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BackupOperationHistory' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get backup history tags: - System Administration - Lifecycle Management - Backup Restore Management - Backup x-vmw-nsx-module: BackupConfiguration /cluster/backups/overview: get: consumes: - application/json description: | Get a configuration of a file server, timers for automated backup, latest backup status, backups list for a site. Fields that contain secrets (password, passphrase) are not returned. operationId: GetBackupOverview parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: LOCAL_LOCAL_MANAGER description: Frame type enum: - GLOBAL_MANAGER - LOCAL_MANAGER - LOCAL_LOCAL_MANAGER - NSX_INTELLIGENCE in: query name: frame_type required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - default: true description: Need a list of backups in: query name: show_backups_list required: false type: boolean - default: localhost description: UUID of the site in: query name: site_id required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BackupOverview' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get all backup related information for a site tags: - System Administration - Lifecycle Management - Backup Restore Management - Backup x-vmw-nsx-module: BackupConfiguration /cluster/backups/status: get: consumes: - application/json description: | Get status of active backup operations operationId: GetBackupStatus produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CurrentBackupOperationStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get backup status tags: - System Administration - Lifecycle Management - Backup Restore Management - Backup x-vmw-nsx-module: BackupConfiguration /cluster/backups?action=retrieve_ssh_fingerprint: post: consumes: - application/json description: | Get SHA256 fingerprint of ECDSA key of remote server. The caller should independently verify that the key is trusted. operationId: GetSshFingerprintOfServer parameters: - in: body name: RemoteServerFingerprintRequest required: true schema: $ref: '#/definitions/RemoteServerFingerprintRequest' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RemoteServerFingerprint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ssh fingerprint of remote(backup) server tags: - System Administration - Lifecycle Management - Backup Restore Management - Backup x-vmw-nsx-module: BackupConfiguration /cluster/restore/backuptimestamps: get: consumes: - application/json description: | Returns timestamps for all backup files that are available on the SFTP server. operationId: ListClusterBackupTimestamps parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ClusterBackupInfoListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List timestamps of all available Cluster Backups. tags: - System Administration - Lifecycle Management - Backup Restore Management - Restore x-vmw-nsx-module: ClusterRestore /cluster/restore/config: get: consumes: - application/json description: | Deprecated. Please use API /cluster/backups/config, to get remote file server(where backuped-up files are stored) details durign restore. In older versions - Get configuration information for the file server used to store backed-up files. Fields that contain secrets (password, passphrase) are not returned. operationId: GetRestoreConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RestoreConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Deprecated. Get Restore configuration tags: - System Administration - Lifecycle Management - Backup Restore Management - Restore x-vmw-nsx-module: BackupConfiguration put: consumes: - application/json description: | Deprecated. Please use API /cluster/backups/config, to configure remote file server(where backed-up files are stored) details during restore. In older versions - Configure file server where the backed-up files used for the Restore operation are available. operationId: ConfigureRestoreConfig parameters: - in: body name: RestoreConfiguration required: true schema: $ref: '#/definitions/RestoreConfiguration' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RestoreConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Deprecated. Configure Restore SFTP server credentials tags: - System Administration - Lifecycle Management - Backup Restore Management - Restore x-vmw-nsx-module: BackupConfiguration /cluster/restore/instruction-resources: get: consumes: - application/json description: | For restore operations requiring user input e.g. performing an action, accepting/rejecting an action, etc. the information to be conveyed to users is provided in this call. operationId: ListRestoreInstructionResources parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Id of the instruction set whose instructions are to be returned in: query name: instruction_id required: true type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ActionableResourceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | List resources for a given instruction, to be shown to/executed by users. tags: - System Administration - Lifecycle Management - Backup Restore Management - Restore x-vmw-nsx-module: ClusterRestore /cluster/restore?action=advance: post: consumes: - application/json description: | Advance any currently suspended restore operation. The operation might have been suspended because (1) the user had suspended it previously, or (2) the operation is waiting for user input, to be provided as a part of the POST request body. This operation is only valid when a GET cluster/restore/status returns a status with value SUSPENDED. Otherwise, a 409 response is returned. operationId: AdvanceClusterRestore parameters: - in: body name: AdvanceClusterRestoreRequest required: true schema: $ref: '#/definitions/AdvanceClusterRestoreRequest' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ClusterRestoreStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '409': description: Conflict schema: $ref: '#/definitions/ClusterRestoreStatus' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Advance any suspended restore operation tags: - System Administration - Lifecycle Management - Backup Restore Management - Restore x-vmw-nsx-module: ClusterRestore /cluster/restore?action=cancel: post: consumes: - application/json description: | This operation is only valid when a restore is in suspended state. The UI user can cancel any restore operation when the restore is suspended either due to an error, or for a user input. The API user would need to monitor the progression of a restore by calling periodically "/api/v1/cluster/restore/status" API. The response object (ClusterRestoreStatus), contains a field "endpoints". The API user can cancel the restore process if 'cancel' action is shown in the endpoint field. This operation is only valid when a GET cluster/restore/status returns a status with value SUSPENDED. operationId: CancelClusterRestore produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ClusterRestoreStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '409': description: Conflict schema: $ref: '#/definitions/ClusterRestoreStatus' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Cancel any running restore operation tags: - System Administration - Lifecycle Management - Backup Restore Management - Restore x-vmw-nsx-module: ClusterRestore /cluster/restore?action=retry: post: consumes: - application/json description: | Retry any currently in-progress, failed restore operation. Only the last step of the multi-step restore operation would have failed,and only that step is retried. This operation is only valid when a GET cluster/restore/status returns a status with value FAILED. Otherwise, a 409 response is returned. operationId: RetryClusterRestore produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ClusterRestoreStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '409': description: Conflict schema: $ref: '#/definitions/ClusterRestoreStatus' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Retry any failed restore operation tags: - System Administration - Lifecycle Management - Backup Restore Management - Restore x-vmw-nsx-module: ClusterRestore /cluster/restore?action=start: post: consumes: - application/json description: | Start the restore of an NSX cluster, from some previously backed-up configuration. This operation is only valid when a GET cluster/restore/status returns a status with value NOT_STARTED. Otherwise, a 409 response is returned. operationId: InitiateClusterRestore parameters: - in: body name: InitiateClusterRestoreRequest required: true schema: $ref: '#/definitions/InitiateClusterRestoreRequest' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ClusterRestoreStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '409': description: Conflict schema: $ref: '#/definitions/ClusterRestoreStatus' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Initiate a restore operation tags: - System Administration - Lifecycle Management - Backup Restore Management - Restore x-vmw-nsx-module: ClusterRestore /cluster/restore?action=suspend: post: consumes: - application/json description: | Suspend any currently running restore operation. The restore operation is made up of a number of steps. When this call is issued, any currently running step is allowed to finish (successfully or with errors), and the next step (and therefore the entire restore operation) is suspended until a subsequent resume or cancel call is issued. This operation is only valid when a GET cluster/restore/status returns a status with value RUNNING. Otherwise, a 409 response is returned. operationId: SuspendClusterRestore produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ClusterRestoreStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '409': description: Conflict schema: $ref: '#/definitions/ClusterRestoreStatus' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Suspend any running restore operation tags: - System Administration - Lifecycle Management - Backup Restore Management - Restore x-vmw-nsx-module: ClusterRestore /cluster?action=backup_to_remote: post: consumes: - application/json description: | Request one-time backup. The backup will be uploaded using the same server configuration as for automatic backup. operationId: RequestOnetimeBackup parameters: - default: LOCAL_LOCAL_MANAGER description: Frame type enum: - GLOBAL_MANAGER - LOCAL_MANAGER - LOCAL_LOCAL_MANAGER - NSX_INTELLIGENCE in: query name: frame_type required: false type: string - default: localhost description: Site ID in: query name: site_id required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Request one-time backup tags: - System Administration - Lifecycle Management - Backup Restore Management - Backup x-vmw-nsx-module: BackupConfiguration /cluster?action=summarize_inventory_to_remote: post: consumes: - application/json description: | Request one-time inventory summary. The backup will be uploaded using the same server configuration as for an automatic backup. operationId: RequestOnetimeInventorySummary responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Request one-time inventory summary. tags: - System Administration - Lifecycle Management - Backup Restore Management - Backup x-vmw-nsx-module: BackupConfiguration /compliance/status: get: consumes: - application/json description: |- Returns the compliance status and details of non compliant configuration operationId: GetPolicyComplianceStatus produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyComplianceStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns the compliance status tags: - Policy - Monitoring - Compliance x-vmw-nsx-module: PolicyCompliance /configs/management: get: consumes: - application/json description: | Returns the NSX Management nodes global configuration. operationId: ReadManagementConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ManagementConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read NSX Management nodes global configuration. tags: - System Administration - Configuration - NSX Managers - Manager Configuration x-vmw-nsx-module: ConfigManagement put: consumes: - application/json description: |- Modifies the NSX Management nodes global configuration. operationId: UpdateManagementConfig parameters: - in: body name: ManagementConfig required: true schema: $ref: '#/definitions/ManagementConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ManagementConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update NSX Management nodes global configuration tags: - System Administration - Configuration - NSX Managers - Manager Configuration x-vmw-nsx-module: ConfigManagement /enforcement-points/{enforcement-point-id}/service-definitions: get: consumes: - application/json description: | List all Service Definitions registered on given enforcement point. operationId: ListServiceDefinitions parameters: - description: |- Enforcement point id in: path name: enforcement-point-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInsertionServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all Service Definitions registered on given enforcement point. tags: - Policy - Security - Service Insertion - Service Definitions x-vmw-nsx-module: PolicyServiceInsertion post: consumes: - application/json description: |- Create a Service Definition on given enforcement point. operationId: CreateServiceDefinition parameters: - description: |- Enforcement point id in: path name: enforcement-point-id required: true type: string - in: body name: ServiceDefinition required: true schema: $ref: '#/definitions/ServiceDefinition' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/ServiceDefinition' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a Service Definition on given enforcement point. tags: - Policy - Security - Service Insertion - Service Definitions x-vmw-nsx-module: PolicyServiceInsertion /enforcement-points/{enforcement-point-id}/service-definitions/{service-definition-id}: delete: consumes: - application/json description: | Delete an existing Service Definition on the given enforcement point. operationId: DeleteServiceDefinition parameters: - description: |- Enforcement point id in: path name: enforcement-point-id required: true type: string - description: |- Id of service definition in: path name: service-definition-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Delete an existing Service Definition on the given enforcement point tags: - Policy - Security - Service Insertion - Service Definitions x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: | Read Service Definition with given service-definition-id. operationId: ReadServiceDefinition parameters: - description: |- Enforcement point id in: path name: enforcement-point-id required: true type: string - description: |- Id of service definition in: path name: service-definition-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceDefinition' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Service Definition with given service-definition-id. tags: - Policy - Security - Service Insertion - Service Definitions x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Update an existing Service Definition on the given enforcement point. operationId: UpdateServiceDefinition parameters: - description: |- Enforcement point id in: path name: enforcement-point-id required: true type: string - description: |- Id of service definition in: path name: service-definition-id required: true type: string - in: body name: ServiceDefinition required: true schema: $ref: '#/definitions/ServiceDefinition' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceDefinition' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Update an existing Service Definition on the given enforcement point tags: - Policy - Security - Service Insertion - Service Definitions x-vmw-nsx-module: PolicyServiceInsertion /error-resolver: get: consumes: - application/json description: | Returns a list of metadata for all the error resolvers registered. operationId: ListErrorResolverInfo produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ErrorResolverInfoList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Fetches a list of metadata for all the registered error resolvers tags: - System Administration - Monitoring - Error Resolver x-vmw-nsx-module: ErrorResolver /error-resolver/{error_id}: get: consumes: - application/json description: | Returns some metadata about the given error_id. This includes information of whether there is a resolver present for the given error_id and its associated user input data operationId: GetErrorResolverInfo parameters: - in: path name: error_id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ErrorResolverInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Fetches metadata about the given error_id tags: - System Administration - Monitoring - Error Resolver x-vmw-nsx-module: ErrorResolver /error-resolver?action=resolve_error: post: consumes: - application/json description: | Invokes the corresponding error resolver for the given error(s) present in the payload operationId: ResolveError parameters: - in: body name: ErrorResolverMetadataList required: true schema: $ref: '#/definitions/ErrorResolverMetadataList' responses: '204': description: No Content '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Resolves the error tags: - System Administration - Monitoring - Error Resolver x-vmw-nsx-module: ErrorResolver /eula/accept: post: consumes: - application/json description: | Accept end user license agreement operationId: AcceptEULA produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Accept end user license agreement tags: - System Administration - Settings - Licenses x-vmw-nsx-module: EULA /eula/acceptance: get: consumes: - application/json description: | Return the acceptance status of end user license agreement operationId: GetEULAAcceptance produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EULAAcceptance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Return the acceptance status of end user license agreement tags: - System Administration - Settings - Licenses x-vmw-nsx-module: EULA /eula/content: get: consumes: - application/json description: | Return the content of end user license agreement in the specified format. By default, it's pure string without line break operationId: GetEULAContent parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: End User License Agreement content output format in: query name: value_format type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EULAContent' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Return the content of end user license agreement tags: - System Administration - Settings - Licenses x-vmw-nsx-module: EULA /fine-tuning/resources: get: consumes: - application/json description: | This API provides field names of attributes in NSX types that are owned by Policy, as opposed to those owned by the enforcement point. For any type on NSX, some of the attributes of that type may be owned and set by Policy when realizing the intent, while some others may be owned and set by the enforcement point itself. This information can be used to disable updates to Policy owned attributes by the advanced networking UI, while allowing tweaking to the attributes owned by the management plane. operationId: ListResourceInfo parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Type query in: query name: type required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ResourceInfoListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- For each type of entity what are the attributes owned by policy. tags: - Policy - Monitoring - Finetuning x-vmw-nsx-module: PolicyFineTuning /global-infra: get: consumes: - application/json description: | Read infra. Returns only the infra related properties. Inner object are not populated. operationId: GlobalInfraReadInfra parameters: - description: Base Path for retrieving hierarchical intent in: query name: base_path required: false type: string - description: Filter string as java regex in: query name: filter required: false type: string - description: Filter string to retrieve hierarchy. in: query name: type_filter required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Infra' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read infra tags: - Policy - Infra - Hierarchical API x-vmw-nsx-module: Policy patch: consumes: - application/json description: | Patch API at infra level can be used in two flavours 1. Like a regular API to update Infra object 2. Hierarchical API: To create/update/delete entire or part of intent hierarchy Hierarchical API: Provides users a way to create entire or part of intent in single API invocation. Input is expressed in a tree format. Each node in tree can have multiple children of different types. System will resolve the dependecies of nodes within the intent tree and will create the model. Children for any node can be specified using ChildResourceReference or ChildPolicyConfigResource. If a resource is specified using ChildResourceReference then it will not be updated only its children will be updated. If Object is specified using ChildPolicyConfigResource, object along with its children will be updated. Hierarchical API can also be used to delete any sub-branch of entire tree. operationId: GlobalInfraPatchInfra parameters: - in: body name: Infra required: true schema: $ref: '#/definitions/Infra' - default: false description: Force revision check in: query name: enforce_revision_check required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the infra including all the nested entities tags: - Policy - Infra - Hierarchical API x-vmw-nsx-module: Policy /global-infra/bfd-profiles: get: consumes: - application/json description: | Paginated list of all BfdProfiles. operationId: GlobalInfraListBfdProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BfdProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List BfdProfiles tags: - Policy - Networking - Networking Profiles - BFD Profiles x-vmw-nsx-module: PolicyConnectivity /global-infra/bfd-profiles/{bfd-profile-id}: delete: consumes: - application/json description: |- Delete BFD Config and all the entities contained by this BfdProfile. operationId: GlobalInfraDeleteBfdProfile parameters: - description: |- BfdProfile ID in: path name: bfd-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete BFD Config and all the entities contained by this BfdProfile tags: - Policy - Networking - Networking Profiles - BFD Profiles x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read a BfdProfile. operationId: GlobalInfraReadBfdProfile parameters: - description: |- BfdProfile ID in: path name: bfd-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BfdProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a BfdProfile tags: - Policy - Networking - Networking Profiles - BFD Profiles x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a BfdProfile with the bfd-profile-id is not already present, create a new BfdProfile. If it already exists, update the BfdProfile. This operation will fully replace the object. operationId: GlobalInfraPatchBfdProfile parameters: - description: |- BfdProfile ID in: path name: bfd-profile-id required: true type: string - in: body name: BfdProfile required: true schema: $ref: '#/definitions/BfdProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BfdProfile tags: - Policy - Networking - Networking Profiles - BFD Profiles x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a BfdProfile with the bfd-profile-id is not already present, create a new BfdProfile. If it already exists, update the BfdProfile. This operation will fully replace the object. operationId: GlobalInfraUpdateBfdProfile parameters: - description: |- BfdProfile ID in: path name: bfd-profile-id required: true type: string - in: body name: BfdProfile required: true schema: $ref: '#/definitions/BfdProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BfdProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BfdProfile tags: - Policy - Networking - Networking Profiles - BFD Profiles x-vmw-nsx-module: PolicyConnectivity /global-infra/certificates: get: consumes: - application/json description: | Returns all certificate information viewable by the user, including each certificate's id; pem_encoded data; and history of the certificate (who created or modified it and when). For additional information, include the ?details=true modifier at the end of the request URI. operationId: GlobalInfraListTlsCertificates parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: whether to expand the pem data and show all its details in: query name: details required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Type of certificate to return enum: - cluster_api_certificate in: query name: type required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCertificateList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Return All the User-Facing Components' Certificates tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate /global-infra/certificates/{certificate-id}: get: consumes: - application/json description: | Returns information for the specified certificate ID, including the certificate's id; pem_encoded data; and history of the certificate (who created or modified it and when). For additional information, include the ?details=true modifier at the end of the request URI. operationId: GlobalInfraGetTlsCertificate parameters: - description: |- ID of certificate to read in: path name: certificate-id required: true type: string - default: false description: whether to expand the pem data and show all its details in: query name: details required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Show Certificate Data for the Given Certificate ID tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate /global-infra/constraints: get: consumes: - application/json description: |- List tenant constraints. operationId: GlobalInfraListTenantConstraints parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ConstraintListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List tenant Constraints. tags: - Policy - Infra - Constraints x-vmw-nsx-module: PolicyConstraints /global-infra/constraints/{constraint-id}: get: consumes: - application/json description: |- Read tenant constraint. operationId: GlobalInfraReadTenantConstraint parameters: - in: path name: constraint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Constraint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read tenant Constraint. tags: - Policy - Infra - Constraints x-vmw-nsx-module: PolicyConstraints /global-infra/context-profiles: get: consumes: - application/json description: | Get all PolicyContextProfiles operationId: GlobalInfraListPolicyContextProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get PolicyContextProfiles tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile /global-infra/context-profiles/attributes: get: consumes: - application/json description: | Returns supported attribute and sub-attributes for specified attribute key with their supported values, if provided in query/request parameter, else will fetch all supported attributes and sub-attributes for all supported attribute keys. Alternatively, to get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes operationId: GlobalInfraListProfileSupportedAttributes parameters: - description: Fetch attributes and sub-attributes for the given attribute key in: query name: attribute_key required: false type: string - default: SYSTEM description: Source of the attribute, System Defined or custom enum: - ALL - CUSTOM - SYSTEM in: query name: attribute_source required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Policy Context Profile supported attributes and sub-attributes tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile /global-infra/context-profiles/custom-attributes: patch: consumes: - application/json description: | This API updates custom attribute value list for given key. operationId: GlobalInfraPatchCustomAttributeList parameters: - in: body name: PolicyAttributes required: true schema: $ref: '#/definitions/PolicyAttributes' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update custom object attribute value list for given attribute key tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile post: consumes: - application/json description: | This API adds/removes custom attribute values from list for a given attribute key. operationId: GlobalInfraAddRemoveCustomAttributeValues parameters: - in: body name: PolicyAttributes required: true schema: $ref: '#/definitions/PolicyAttributes' - description: Add or Remove Custom Context Profile Attribute values. enum: - add - remove in: query name: action required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Adds/Removes custom attribute values from list tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile /global-infra/context-profiles/custom-attributes/default: get: consumes: - application/json description: | This API updates custom attribute value list for given key. operationId: GlobalInfraGetCustomAttribute parameters: - description: Fetch attributes and sub-attributes for the given attribute key in: query name: attribute_key required: false type: string - default: SYSTEM description: Source of the attribute, System Defined or custom enum: - ALL - CUSTOM - SYSTEM in: query name: attribute_source required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update custom object attribute value list for given attribute key tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile patch: consumes: - application/json description: | This API updates custom attribute value list for given key. operationId: GlobalInfraPatchCustomAttribute parameters: - in: body name: PolicyCustomAttributes required: true schema: $ref: '#/definitions/PolicyCustomAttributes' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update custom object attribute value list for given attribute key tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile post: consumes: - application/json description: | This API adds/removes custom attribute values from list for a given attribute key. operationId: GlobalInfraAddRemoveCustomAttribute parameters: - in: body name: PolicyCustomAttributes required: true schema: $ref: '#/definitions/PolicyCustomAttributes' - description: Add or Remove Custom Context Profile Attribute values. enum: - add - remove in: query name: action required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Adds/Removes custom attribute values from list tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile /global-infra/context-profiles/{context-profile-id}: delete: consumes: - application/json description: | Deletes the specified Policy Context Profile. If the Policy Context Profile is consumed in a firewall rule, it won't get deleted. operationId: GlobalInfraDeletePolicyContextProfile parameters: - description: |- Policy Context Profile Id in: path name: context-profile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean - default: false description: Delete the locally overriden global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Policy Context Profile tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile get: consumes: - application/json description: | Get a single PolicyContextProfile by id operationId: GlobalInfraGetPolicyContextProfile parameters: - in: path name: context-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get PolicyContextProfile tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile patch: consumes: - application/json description: | Creates/Updates a PolicyContextProfile, which encapsulates attribute and sub-attributes of network services. Rules for using attributes and sub-attributes in single PolicyContextProfile 1. One type of attribute can't have multiple occurrences. ( Eg. - Attribute type APP_ID can be used only once per PolicyContextProfile.) 2. For specifying multiple values for an attribute, provide them in an array. 3. If sub-attribtes are mentioned for an attribute, then only single value is allowed for that attribute. 4. To get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes operationId: GlobalInfraPatchCreateOrUpdatePolicyContextProfile parameters: - in: path name: context-profile-id required: true type: string - in: body name: PolicyContextProfile required: true schema: $ref: '#/definitions/PolicyContextProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create PolicyContextProfile tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile put: consumes: - application/json description: | Creates/Updates a PolicyContextProfile, which encapsulates attribute and sub-attributes of network services. Rules for using attributes and sub-attributes in single PolicyContextProfile 1. One type of attribute can't have multiple occurrences. ( Eg. - Attribute type APP_ID can be used only once per PolicyContextProfile.) 2. For specifying multiple values for an attribute, provide them in an array. 3. If sub-attribtes are mentioned for an attribute, then only single value is allowed for that attribute. 4. To get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes operationId: GlobalInfraPutCreateOrUpdatePolicyContextProfile parameters: - in: path name: context-profile-id required: true type: string - in: body name: PolicyContextProfile required: true schema: $ref: '#/definitions/PolicyContextProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create PolicyContextProfile tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile /global-infra/crls: get: consumes: - application/json description: | Returns information about all CRLs. For additional information, include the ?details=true modifier at the end of the request URI. operationId: GlobalInfraListTlsCrls parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: whether to expand the pem data and show all its details in: query name: details required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Type of certificate to return enum: - cluster_api_certificate in: query name: type required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCrlListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Return All Added CRLs tags: - Policy - Infra - Certificates - Certification Revocation List x-vmw-nsx-module: PolicyCertificate /global-infra/crls/{crl-id}: get: consumes: - application/json description: | Returns information about the specified CRL. For additional information, include the ?details=true modifier at the end of the request URI. operationId: GlobalInfraGetTlsCrl parameters: - in: path name: crl-id required: true type: string - default: false description: whether to expand the pem data and show all its details in: query name: details required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCrl' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Show CRL Data for the Given CRL id. tags: - Policy - Infra - Certificates - Certification Revocation List x-vmw-nsx-module: PolicyCertificate /global-infra/dhcp-relay-configs: get: consumes: - application/json description: | Paginated list of all DHCP relay config instances operationId: GlobalInfraListDhcpRelayConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpRelayConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List DHCP relay config instances tags: - Policy - Networking - IP Management - DHCP - DHCP Relay Configs x-vmw-nsx-module: PolicyConnectivity /global-infra/dhcp-relay-configs/{dhcp-relay-config-id}: get: consumes: - application/json description: |- Read DHCP relay configuration operationId: GlobalInfraReadDhcpRelayConfig parameters: - description: |- DHCP relay config ID in: path name: dhcp-relay-config-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpRelayConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP relay configuration tags: - Policy - Networking - IP Management - DHCP - DHCP Relay Configs x-vmw-nsx-module: PolicyConnectivity /global-infra/dhcp-server-configs: get: consumes: - application/json description: | Paginated list of all DHCP server config instances operationId: GlobalInfraListDhcpServerConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List DHCP server config instances tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivity /global-infra/dhcp-server-configs/{config-id}/leases: get: consumes: - application/json description: |- Read DHCP server leases operationId: GlobalInfraReadDhcpServerLeases parameters: - in: path name: config-id required: true type: string - description: IP or MAC address in: query name: address required: false type: string - description: String Path of Tier0, Tier1 or Segment in: query name: connectivity_path required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Segment path to retrieve lease information in: query name: segment_path required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpLeasesResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP server leases tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/dhcp-server-configs/{config-id}/state: get: consumes: - application/json description: |- Read DHCP server state operationId: GlobalInfraReadDhcpServerState parameters: - in: path name: config-id required: true type: string - description: String Path of Tier0, Tier1 or Segment in: query name: connectivity_path required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP server state tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/dhcp-server-configs/{config-id}/stats: get: consumes: - application/json description: |- Read DHCP server statistics operationId: GlobalInfraReadDhcpServerStats parameters: - in: path name: config-id required: true type: string - description: String Path of Tier0, Tier1 or Segment in: query name: connectivity_path required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP server statistics tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/dhcp-server-configs/{config-id}/status: get: consumes: - application/json description: |- Read DHCP server status operationId: GlobalInfraReadDhcpServerStatus parameters: - in: path name: config-id required: true type: string - description: String Path of Tier0, Tier1 or Segment in: query name: connectivity_path required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP server status tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/dhcp-server-configs/{dhcp-server-config-id}: get: consumes: - application/json description: |- Read DHCP server configuration operationId: GlobalInfraReadDhcpServerConfig parameters: - description: |- DHCP server config ID in: path name: dhcp-server-config-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP server configuration tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivity /global-infra/dns-forwarder-zones: get: consumes: - application/json description: | Paginated list of all Dns Forwarder Zones operationId: GlobalInfraListPolicyDnsForwarderZone parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarderZoneListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Dns Forwarder Zones tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - DNS Zones x-vmw-nsx-module: PolicyDnsForwarder /global-infra/dns-forwarder-zones/{dns-forwarder-zone-id}: get: consumes: - application/json description: |- Read the DNS Forwarder Zone operationId: GlobalInfraReadPolicyDnsForwarderZone parameters: - description: |- DNS Forwarder Zone ID in: path name: dns-forwarder-zone-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarderZone' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the DNS Forwarder Zone tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - DNS Zones x-vmw-nsx-module: PolicyDnsForwarder /global-infra/dns-security-profiles: get: consumes: - application/json description: |- List all DNS security profiles operationId: GlobalInfraListDnsSecurityProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all DNS security profiles tags: - Policy - Security - Security Profiles - DNS Security Profiles x-vmw-nsx-module: PolicyProfile /global-infra/dns-security-profiles/{profile-id}: delete: consumes: - application/json description: |- Delete DNS security profile operationId: GlobalInfraDeleteDnsSecurityProfile parameters: - in: path name: profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DNS security profile tags: - Policy - Security - Security Profiles - DNS Security Profiles x-vmw-nsx-module: PolicyProfile get: consumes: - application/json description: |- Read the DNS Forwarder for the given tier-0 instance operationId: GlobalInfraReadDnsSecurityProfile parameters: - in: path name: profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the DNS Forwarder for the given tier-0 instance tags: - Policy - Security - Security Profiles - DNS Security Profiles x-vmw-nsx-module: PolicyProfile patch: consumes: - application/json description: |- Create or update DNS security profile operationId: GlobalInfraPatchDnsSecurityProfile parameters: - in: path name: profile-id required: true type: string - in: body name: DnsSecurityProfile required: true schema: $ref: '#/definitions/DnsSecurityProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DNS security profile tags: - Policy - Security - Security Profiles - DNS Security Profiles x-vmw-nsx-module: PolicyProfile put: consumes: - application/json description: |- Create or update DNS security profile operationId: GlobalInfraUpdateDnsSecurityProfile parameters: - in: path name: profile-id required: true type: string - in: body name: DnsSecurityProfile required: true schema: $ref: '#/definitions/DnsSecurityProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DNS security profile tags: - Policy - Security - Security Profiles - DNS Security Profiles x-vmw-nsx-module: PolicyProfile /global-infra/domains: get: consumes: - application/json description: | Paginated list of all domains for infra. operationId: GlobalInfraListDomainForInfra parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DomainListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List domains for infra tags: - Policy - Infra - Domains - Domain x-vmw-nsx-module: Policy /global-infra/domains/firewall-session-timer-profile-binding-maps: get: consumes: - application/json description: | API will list all Firewall Session Timer Profile Binding Maps across all domains. This API returns the binding maps order by the sequence number. operationId: GlobalInfraListFirewallSessionTimerBindingsAcrossDomains parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall Session Timer Profile Binding Maps for all domains tags: - Policy - Security - Security Profiles - Session Timer Profile Bindings x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding /global-infra/domains/{domain-id}: get: consumes: - application/json description: | Read a domain. operationId: GlobalInfraReadDomainForInfra parameters: - description: |- Domain ID in: path name: domain-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Domain' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read domain tags: - Policy - Infra - Domains - Domain x-vmw-nsx-module: Policy /global-infra/domains/{domain-id}/domain-deployment-maps: get: consumes: - application/json description: | Paginated list of all Domain Deployment Entries for infra. operationId: GlobalInfraListDomainDeploymentMapsForInfra parameters: - in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DomainDeploymentMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Domain Deployment maps for infra tags: - Policy - Infra - Domains - Domain Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/domains/{domain-id}/domain-deployment-maps/{domain-deployment-map-id}: get: consumes: - application/json description: | Read a Domain Deployment Map operationId: GlobalInfraReadDomainDeploymentMapForInfra parameters: - in: path name: domain-id required: true type: string - in: path name: domain-deployment-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DomainDeploymentMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a DomainDeploymentMap tags: - Policy - Infra - Domains - Domain Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/domains/{domain-id}/forwarding-policies: get: consumes: - application/json description: | List all forwarding policies for the given domain ordered by precedence. operationId: GlobalInfraListForwardingPolicies parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List forwarding policies for the given domain tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding /global-infra/domains/{domain-id}/forwarding-policies/{forwarding-policy-id}: get: consumes: - application/json description: | Read forwarding policy. operationId: GlobalInfraReadForwardingPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read forwarding policy tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding /global-infra/domains/{domain-id}/forwarding-policies/{forwarding-policy-id}/rules: get: consumes: - application/json description: |- List rules operationId: GlobalInfraListForwardingRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List rules tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding /global-infra/domains/{domain-id}/forwarding-policies/{forwarding-policy-id}/rules/{rule-id}: get: consumes: - application/json description: |- Read rule operationId: GlobalInfraReadForwardingRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string - description: |- Rule id in: path name: rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read rule tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding /global-infra/domains/{domain-id}/gateway-policies: get: consumes: - application/json description: |- List all gateway policies for specified Domain. operationId: GlobalInfraListGatewayPoliciesForDomain parameters: - in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List gateway policies tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}: get: consumes: - application/json description: | Read gateway policy for a domain. operationId: GlobalInfraReadGatewayPolicyForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read gateway policy tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}/rules: get: consumes: - application/json description: |- List rules operationId: GlobalInfraListGatewayRules parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List rules tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}: get: consumes: - application/json description: |- Read rule operationId: GlobalInfraReadGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: path name: rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Rule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read rule tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}/statistics: get: consumes: - application/json description: | Get statistics of a gateway rule. - no enforcement point path specified: Stats will be evaluated on each enforcement. point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GlobalInfraGetGatewayRuleStatistics parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: path name: rule-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get gateway rule statistics tags: - Policy - Security - North South Security - Gateway Firewall - Statistics x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}/statistics: get: consumes: - application/json description: | Get statistics of a gateay policy. - no enforcement point path specified: Stats will be evaluated on each enforcement. point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GlobalInfraGetGatewayPolicyStatistics parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicyStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get gateway policy statistics tags: - Policy - Security - North South Security - Gateway Firewall - Statistics x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/domains/{domain-id}/groups: get: consumes: - application/json description: | List Groups for a domain. Groups can be filtered using member_types query parameter, which returns the groups that contains the specified member types. Multiple member types can be provided as comma separated values. The API also return groups having member type that are subset of provided member_types. operationId: GlobalInfraListGroupForDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Comma Seperated Member types in: query name: member_types required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Groups for a domain tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy /global-infra/domains/{domain-id}/groups/{group-id}: get: consumes: - application/json description: |- Read group operationId: GlobalInfraReadGroupForDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Group' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read group tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy /global-infra/domains/{domain-id}/groups/{group-id}/discovery-profile-binding-maps: get: consumes: - application/json description: |- API will get Group discovery profile binding map operationId: GlobalInfraListGroupDiscoveryProfileBindings parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupDiscoveryProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Group discovery profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /global-infra/domains/{domain-id}/groups/{group-id}/discovery-profile-binding-maps/{discovery-profile-binding-map-id}: get: consumes: - application/json description: |- API will get Group discovery profile binding map operationId: GlobalInfraGetGroupDiscoveryProfileBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Group discovery profile binding map ID in: path name: discovery-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Group discovery profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /global-infra/domains/{domain-id}/groups/{group-id}/dns-security-profile-binding-maps: get: consumes: - application/json description: |- API will get DNS security profile binding map operationId: GlobalInfraListDnsSecurityProfileBindings parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DNS security profile binding map tags: - Policy - Security - Security Profiles - DNS Security Profile Bindings x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding ? /global-infra/domains/{domain-id}/groups/{group-id}/dns-security-profile-binding-maps/{dns-security-profile-binding-map-id} : get: consumes: - application/json description: |- API will get DNS security profile binding map operationId: GlobalInfraGetDnsSecurityProfileBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- DNS security profile binding map ID in: path name: dns-security-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DNS security profile binding map tags: - Policy - Security - Security Profiles - DNS Security Profile Bindings x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding /global-infra/domains/{domain-id}/groups/{group-id}/firewall-flood-protection-profile-binding-maps: get: consumes: - application/json description: | API will list all Firewall Flood Protection Profile Binding Maps in current group id. operationId: GlobalInfraListPolicyFirewallFloodProtectionBindings parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallFloodProtectionProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall Flood Protection Profile Binding Maps tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding ? /global-infra/domains/{domain-id}/groups/{group-id}/firewall-flood-protection-profile-binding-maps/{firewall-flood-protection-profile-binding-map-id} : get: consumes: - application/json description: | API will get Firewall Flood Protection Profile Binding Map operationId: GlobalInfraGetPolicyFirewallFloodProtectionBinding parameters: - description: |- Domain-ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Firewall Flood Protection Profile Binding Map ID in: path name: firewall-flood-protection-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallFloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Firewall Flood Protection Profile Binding Map tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding /global-infra/domains/{domain-id}/groups/{group-id}/firewall-session-timer-profile-binding-maps: get: consumes: - application/json description: | API will list all Firewall Session Timer Profile Binding Maps in current group id. operationId: GlobalInfraListPolicyFirewallSessionTimerBindings parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall Session Timer Profile Binding Maps tags: - Policy - Security - Security Profiles - Session Timer Profile Bindings x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding ? /global-infra/domains/{domain-id}/groups/{group-id}/firewall-session-timer-profile-binding-maps/{firewall-session-timer-profile-binding-map-id} : get: consumes: - application/json description: | API will get Firewall Session Timer Profile Binding Map operationId: GlobalInfraGetPolicyFirewallSessionTimerBinding parameters: - description: |- Domain-ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Firewall Session Timer Profile Binding Map ID in: path name: firewall-session-timer-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Firewall Session Timer Profile Binding Map tags: - Policy - Security - Security Profiles - Session Timer Profile Bindings x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding /global-infra/domains/{domain-id}/groups/{group-id}/group-monitoring-profile-binding-maps: get: consumes: - application/json description: | API will list all Group Monitoring Profile Binding Maps in current group id. operationId: GlobalInfraListGroupMonitoringBindings parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupMonitoringProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Group Monitoring Profile Binding Maps tags: - Policy - Security - Security Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /global-infra/domains/{domain-id}/groups/{group-id}/group-monitoring-profile-binding-maps/{group-monitoring-profile-binding-map-id} : get: consumes: - application/json description: | API will get Group Monitoring Profile Binding Map operationId: GlobalInfraGetGroupMonitoringBinding parameters: - description: |- Domain-ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Group Monitoring Profile Binding Map ID in: path name: group-monitoring-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Group Monitoring Profile Binding Map tags: - Policy - Security - Security Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /global-infra/domains/{domain-id}/groups/{group-id}/group-monitoring-profile-binding-maps/{group-monitoring-profile-binding-map-id}/mirror-stack-status : get: consumes: - application/json description: | API will get mirror stack status by Group Monitoring Profile Binding Map operationId: GlobalInfraGetGroupMonitoringBindingMirrorStackStatus parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - in: path name: group-monitoring-profile-binding-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Binding map path enforcemnt point path to remote L3 mirror session in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MirrorStackStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get mirror stack status for Group Monitoring Profile Binding Map. tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /global-infra/domains/{domain-id}/groups/{group-id}/member-types: get: consumes: - application/json description: | It retrieves member types for a given group. In case of nested groups, it calculates member types of child groups as well. Considers member type for members added via static members and dynamic membership criteria. operationId: GlobalInfraGetMemberTypesForGroup parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupMemberTypeListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get member types for a given Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: Policy /global-infra/domains/{domain-id}/groups/{group-id}/members/consolidated-effective-ip-addresses: get: consumes: - application/json description: | Returns consolidated effective ip address members of the specified NSGroup. Applicable in case of federated environment. The response contains site-wise list of consolidated effective IP address members. In the response, for the local-site, the list will contain static and dynamicaly translated IPs. For the remote sites, the list will contain only the dynamically translated IPs. The static IPs will not be seen in the response of this API. Hence, user can refer to the local-site Ip response in the API results or the group definition to see the static IP membership of the Group. This API is applicable only for Global Groups containing (directly or via nesting) either VirtualMachine, VIF, Segment, SegmentPort or IPSet member type. Use the cursor value in the response to fetch the next page. If there is no cursor value for a response, it implies the last page in the results for the query. operationId: GlobalInfraGetConsolidatedEffectiveIPMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IP address, range, or subnet format: address-or-block-or-range in: query name: ip_filter required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: 'UUID of the site from which the effective IP addresses are to be fetched ' in: query name: site_id required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ConsolidatedEffectiveIPAddressMemberListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get consolidated effective IPAddress translated from this group across site tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/members/dvpg: get: consumes: - application/json description: | Get Discovered Port Groups that belong to this Group operationId: GlobalInfraGetGroupDVPGMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Discovered Port Groups that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/members/dvports: get: consumes: - application/json description: | Get discovered ports that belong to this Group operationId: GlobalInfraGetGroupDiscoveredPortMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get discovered ports that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/members/ip-addresses: get: consumes: - application/json description: | Get IP addresses that belong to this Group. This API is applicable for Groups containing either VirtualMachine, VIF, Segment ,Segment Port or IP Address member type.For Groups containing other member types,an empty list is returned operationId: GlobalInfraGetGroupIPMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupIPMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IP addresses that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/members/logical-ports: get: consumes: - application/json description: | Get logical ports that belong to this Group This API is applicable for Groups containing either VirtualMachine, VIF, Segment or Segment Port member type.For Groups containing other member types,an empty list is returned. operationId: GlobalInfraGetGroupLPMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get logical ports that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/members/logical-switches: get: consumes: - application/json description: | Get logical switches that belong to this Group. This API is applicable for Groups containing Segment member type. For Groups containing other member types, an empty list is returned. operationId: GlobalInfraGetGroupLSMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get logical switches that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/members/pods: get: consumes: - application/json description: | Get pods that belong to this Group. This API is applicable for Groups containing either Pod, Cluster, Namespace, Service member type. For Groups containing other member types an empty list is returned operationId: GlobalInfraGetGroupPodMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Cluster ID in: query name: cluster_id required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContainerGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get pods that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/members/segment-ports: get: consumes: - application/json description: | Get segment ports that belong to this Group operationId: GlobalInfraGetGroupSegmentPortMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment ports that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/members/segments: get: consumes: - application/json description: | Get segments that belong to this Group operationId: GlobalInfraGetGroupSegmentMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segments that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/members/vifs: get: consumes: - application/json description: | Get Virtual Network Interface instances that belong to this Group. This API is applicable for Groups containing VirtualNetworkInterface and VirtualMachine member types. For Groups containing other member types,an empty list is returned.target_id in response is external_id of VirtualNetworkInterface or VirtualMachine. operationId: GlobalInfraGetGroupVIFMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualNetworkInterfaceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Virtual Network Interface instances that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/members/virtual-machines: get: consumes: - application/json description: | Get Virtual machines that belong to this Group. This API is applicable for Groups containing VirtualMachine,member type. For Groups containing other member types,an empty list is returned. operationId: GlobalInfraGetGroupVMMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedVirtualMachineListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Virtual machines that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/groups/{group-id}/tags: get: consumes: - application/json description: | Get tags used to define conditions inside a Group. Also includes tags inside nested groups. operationId: GlobalInfraGetGroupTags parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupTagsList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tags used to define conditions inside a Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/domains/{domain-id}/security-policies: get: consumes: - application/json description: | List all security policies for a domain. operationId: GlobalInfraListSecurityPoliciesForDomain parameters: - in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List security policies tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy /global-infra/domains/{domain-id}/security-policies/{security-policy-id}: get: consumes: - application/json description: | Read security policy for a domain. operationId: GlobalInfraReadSecurityPolicyForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read security policy tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy /global-infra/domains/{domain-id}/security-policies/{security-policy-id}/rules: get: consumes: - application/json description: |- List rules operationId: GlobalInfraListSecurityRules parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List rules tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy /global-infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}: get: consumes: - application/json description: |- Read rule operationId: GlobalInfraReadSecurityRule parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: path name: rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Rule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read rule tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy /global-infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}/statistics: get: consumes: - application/json description: | Get statistics of a rule. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GlobalInfraGetRuleStatistics parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Security policy id in: path name: security-policy-id required: true type: string - description: |- Rule id in: path name: rule-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get rule statistics tags: - Policy - Security - East West Security - Distributed Firewall - Statistics x-vmw-nsx-module: DfwSecurityPolicy /global-infra/domains/{domain-id}/security-policies/{security-policy-id}/statistics: get: consumes: - application/json description: | Get statistics of a security policy. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GlobalInfraGetSecurityPolicyStatistics parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Security policy id in: path name: security-policy-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicyStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get security policy statistics tags: - Policy - Security - East West Security - Distributed Firewall - Statistics x-vmw-nsx-module: DfwSecurityPolicy /global-infra/federation-config: get: consumes: - application/json description: |- Read a federation config from Global Manager. operationId: GlobalInfraReadFederationConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FederationConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read federation config tags: - Federation - Federation Configuration x-vmw-nsx-module: PolicySiteGM /global-infra/firewall-session-timer-profiles: get: consumes: - application/json description: |- API will list all Firewall Session Timer Profiles operationId: GlobalInfraListPolicyFirewallSessionTimerProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall Session Timer Profiles tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile /global-infra/firewall-session-timer-profiles/{firewall-session-timer-profile-id}: delete: consumes: - application/json description: |- API will delete Firewall Session Timer Profile operationId: GlobalInfraDeletePolicyFirewallSessionTimerProfile parameters: - description: |- Firewall Session Timer Profile ID in: path name: firewall-session-timer-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Firewall Session Timer Profile tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile get: consumes: - application/json description: |- API will get Firewall Session Timer Profile operationId: GlobalInfraGetPolicyFirewallSessionTimerProfile parameters: - description: |- Firewall Session Timer Profile ID in: path name: firewall-session-timer-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Firewall Session Timer Profile tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile patch: consumes: - application/json description: |- API will create/update Firewall Session Timer Profile operationId: GlobalInfraPatchPolicyFirewallSessionTimerProfile parameters: - description: |- Firewall Session Timer Profile ID in: path name: firewall-session-timer-profile-id required: true type: string - in: body name: PolicyFirewallSessionTimerProfile required: true schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Firewall Session Timer Profile tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile put: consumes: - application/json description: |- API will update Firewall Session Timer Profile operationId: GlobalInfraUpdatePolicyFirewallSessionTimerProfile parameters: - description: |- Firewall Session Timer Profile ID in: path name: firewall-session-timer-profile-id required: true type: string - in: body name: PolicyFirewallSessionTimerProfile required: true schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Firewall Session Timer Profile tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile /global-infra/firewall/policies: get: consumes: - application/json description: | Get the list of policies filtered based on the given criteria. operationId: GlobalInfraGetFilteredPolicies parameters: - description: Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Path of the parent object of the entities in: query name: parent_path required: false type: string - description: Scope filter criteria in: query name: scope required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get policies filtered based on the given criteria tags: - Policy - Security x-vmw-nsx-module: PolicyFirewallConfiguration /global-infra/firewall/rules: get: consumes: - application/json description: | Get the list of rules of given parent path of policy/section, filtered based on the given criteria. Parent path is mandatory. operationId: GlobalInfraGetFilteredRules parameters: - description: Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Path of the parent object of the entities in: query name: parent_path required: false type: string - description: Scope filter criteria in: query name: scope required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get rules filtered based on the given criteria tags: - Policy - Security x-vmw-nsx-module: PolicyFirewallConfiguration /global-infra/flood-protection-profiles: get: consumes: - application/json description: |- API will list all Flood Protection Profiles operationId: GlobalInfraListFloodProtectionProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Flood Protection Profiles tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile /global-infra/flood-protection-profiles/{flood-protection-profile-id}: delete: consumes: - application/json description: |- API will delete Flood Protection Profile operationId: GlobalInfraDeleteFloodProtectionProfile parameters: - description: |- Flood Protection Profile ID in: path name: flood-protection-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Flood Protection Profile tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile get: consumes: - application/json description: |- API will get Flood Protection Profile operationId: GlobalInfraGetFloodProtectionProfile parameters: - description: |- Flood Protection Profile ID in: path name: flood-protection-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Flood Protection Profile tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile patch: consumes: - application/json description: |- API will create/update Flood Protection Profile operationId: GlobalInfraPatchFloodProtectionProfile parameters: - description: |- Firewall Flood Protection Profile ID in: path name: flood-protection-profile-id required: true type: string - in: body name: FloodProtectionProfile required: true schema: $ref: '#/definitions/FloodProtectionProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Flood Protection Profile tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile put: consumes: - application/json description: |- API will update Firewall Flood Protection Profile operationId: GlobalInfraUpdateFloodProtectionProfile parameters: - description: |- Flood Protection Profile ID in: path name: flood-protection-profile-id required: true type: string - in: body name: FloodProtectionProfile required: true schema: $ref: '#/definitions/FloodProtectionProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Firewall Flood Protection Profile tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile /global-infra/flood-protection-profiles/{flood-protection-profile-id}/bindings: get: consumes: - application/json description: |- API will list all Flood Protection Profiles bindings. operationId: GlobalInfraListFloodProtectionProfileBindings parameters: - in: path name: flood-protection-profile-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Flood Protection Profiles tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile /global-infra/full-sync-states: get: consumes: - application/json description: |- List full sync state. operationId: GlobalInfraListFullSyncStates parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FullSyncStateListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List full sync states tags: - Federation - Full Synchronization x-vmw-nsx-module: PolicyFullSync /global-infra/full-sync-states/{full-sync-id}: get: consumes: - application/json description: |- Get full sync state. operationId: GlobalInfraGetFullSyncStates parameters: - in: path name: full-sync-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FullSyncState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get full sync state tags: - Federation - Full Synchronization x-vmw-nsx-module: PolicyFullSync /global-infra/gateway-qos-profiles: get: consumes: - application/json description: | Paginated list of all gateway QoS profle instances operationId: GlobalInfraListGatewayQosProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayQosProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all gateway QoS profiles tags: - Policy - Networking - Networking Profiles - Gateway QOS Profiles x-vmw-nsx-module: PolicyConnectivity /global-infra/gateway-qos-profiles/{qos-profile-id}: delete: consumes: - application/json description: |- Delete QoS profile operationId: GlobalInfraDeleteGatewayQosProfile parameters: - in: path name: qos-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete gateway QoS profile tags: - Policy - Networking - Networking Profiles - Gateway QOS Profiles x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read gateway QoS profile operationId: GlobalInfraReadGatewayQosProfile parameters: - in: path name: qos-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayQosProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read gateway QoS profile tags: - Policy - Networking - Networking Profiles - Gateway QOS Profiles x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If profile with the qos-profile-id is not already present, create a new gateway QoS profile instance. If it already exists, update the gateway QoS profile instance with specified attributes. operationId: GlobalInfraPatchGatewayQosProfile parameters: - in: path name: qos-profile-id required: true type: string - in: body name: GatewayQosProfile required: true schema: $ref: '#/definitions/GatewayQosProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Gateway QoS profile tags: - Policy - Networking - Networking Profiles - Gateway QOS Profiles x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If profile with the qos-profile-id is not already present, create a new gateway QoS profile instance. If it already exists, replace the gateway QoS profile instance with this object. operationId: GlobalInfraCreateOrReplaceGatewayQosProfile parameters: - in: path name: qos-profile-id required: true type: string - in: body name: GatewayQosProfile required: true schema: $ref: '#/definitions/GatewayQosProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayQosProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Gateway QoS profile tags: - Policy - Networking - Networking Profiles - Gateway QOS Profiles x-vmw-nsx-module: PolicyConnectivity /global-infra/global-manager-config?action=show-sensitive-data: get: consumes: - application/json description: | Read a Global Manager config along with sensitive data. For example - rtep_config.ibgp_password operationId: GlobalInfraReadGlobalManagerConfigWithSensitiveData produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GlobalManagerConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Global Manager config along with sensitive data tags: - Federation - Federation Configuration x-vmw-nsx-module: PolicySiteGM /global-infra/global-managers: get: consumes: - application/json description: | List Global Managers under Infra. operationId: GlobalInfraListInfraGlobalManagers parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GlobalManagerListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Global Managers tags: - Federation - Global Managers x-vmw-nsx-module: PolicySiteGM /global-infra/global-managers/{global-manager-id}: get: consumes: - application/json description: | Retrieve information about a particular configured global manager. Global Manager id 'self' is reserved and can be used for referring to local logged in Global Manager. Example - /infra/global-managers/self operationId: GlobalInfraReadInfraGlobalManager parameters: - in: path name: global-manager-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GlobalManager' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a Global Manager tags: - Federation - Global Managers x-vmw-nsx-module: PolicySiteGM /global-infra/group-associations: get: consumes: - application/json description: | Get policy groups for which the given object is a member. In Federation environment, if the given object is a global entity (eg: global segment) and if the entity is not stretched to the site specified in the enforcement_point_path parameter,then the following is returned:- 1)If the entity is a member of any global group and that group is stretched to the enforcement_point_path site,then the API returns an empty list. 2)If the entity is not a member of any global group,this API returns an 'invalid path' error message. 3)If both the entity and its corresponding groups are stretched to the enforcement_point_path site , then the API returns the groups list. operationId: GlobalInfraGetGroupsForObject parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: String path of the intent object in: query name: intent_path required: true type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get groups for which the given object is a member tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/group-service-associations: get: consumes: - application/json description: | The API returns all the services associated with the given Group. It also returns the services associated with the parent groups of the given group. operationId: GlobalInfraGetPolicyGroupServiceAssociations parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Path of the entity in: query name: intent_path required: true type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of services where the given group is consumed. tags: - Policy x-vmw-nsx-module: PolicyGroupRealization /global-infra/ip-address-group-associations: get: consumes: - application/json description: | Get policy groups for which the given IP address is a member. operationId: GlobalInfraGetGroupsForIPAddress parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress in: query name: ip_address required: true type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get groups for which the given IP address is a member tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/ip-discovery-profiles: get: consumes: - application/json description: | API will list all IP Discovery Profiles active in current discovery profile id. operationId: GlobalInfraGetIPDiscoveryProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPDiscoveryProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IP Discovery Profiles tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery /global-infra/ip-discovery-profiles/{ip-discovery-profile-id}: delete: consumes: - application/json description: | API will delete IP Discovery profile. operationId: GlobalInfraDeleteIPDiscoveryProfile parameters: - description: |- IP Discovery Profile ID in: path name: ip-discovery-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IP Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery get: consumes: - application/json description: | API will get IP Discovery profile. operationId: GlobalInfraGetIPDiscoveryProfile parameters: - description: |- IP Discovery Profile ID in: path name: ip-discovery-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPDiscoveryProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IP Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery patch: consumes: - application/json description: | API will create IP Discovery profile. operationId: GlobalInfraCreateIPDiscoveryProfile parameters: - description: |- IP Discovery Profile ID in: path name: ip-discovery-profile-id required: true type: string - in: body name: IPDiscoveryProfile required: true schema: $ref: '#/definitions/IPDiscoveryProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create IP Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery put: consumes: - application/json description: | API will update IP Discovery profile. operationId: GlobalInfraUpdateIPDiscoveryProfile parameters: - description: |- IP Discovery Profile ID in: path name: ip-discovery-profile-id required: true type: string - in: body name: IPDiscoveryProfile required: true schema: $ref: '#/definitions/IPDiscoveryProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPDiscoveryProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update IP Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery /global-infra/ipfix-dfw-collector-profiles: get: consumes: - application/json description: | API will provide list of all IPFIX dfw collector profiles and their details. operationId: GlobalInfraListIPFIXDFWCollectorProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWCollectorProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IPFIX Collector profiles. tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXDFW /global-infra/ipfix-dfw-collector-profiles/{ipfix-dfw-collector-profile-id}: delete: consumes: - application/json description: | API deletes IPFIX dfw collector profile. Flow forwarding to collector will be stopped. operationId: GlobalInfraDeleteIPFIXDFWCollectorProfile parameters: - description: |- IPFIX dfw collector Profile id in: path name: ipfix-dfw-collector-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPFIX dfw Collector profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXDFW get: consumes: - application/json description: | API will return details of IPFIX dfw collector profile. If profile does not exist, it will return 404. operationId: GlobalInfraReadIPFIXDFWCollectorProfile parameters: - description: |- IPFIX dfw collector profile id in: path name: ipfix-dfw-collector-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWCollectorProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPFIX dfw Collector profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXDFW patch: consumes: - application/json description: | Create a new IPFIX dfw collector profile if the IPFIX dfw collector profile with given id does not already exist. If the IPFIX dfw collector profile with the given id already exists, patch with the existing IPFIX dfw collector profile. operationId: GlobalInfraPatchIPFIXDFWCollectorProfile parameters: - in: path name: ipfix-dfw-collector-profile-id required: true type: string - in: body name: IPFIXDFWCollectorProfile required: true schema: $ref: '#/definitions/IPFIXDFWCollectorProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- IPFIX dfw collector profile id tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXDFW put: consumes: - application/json description: | Create or Replace IPFIX dfw collector profile. IPFIX data will be sent to IPFIX collector port. operationId: GlobalInfraCreateOrReplaceIPFIXDFWCollectorProfile parameters: - description: |- IPFIX dfw collector profile id in: path name: ipfix-dfw-collector-profile-id required: true type: string - in: body name: IPFIXDFWCollectorProfile required: true schema: $ref: '#/definitions/IPFIXDFWCollectorProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWCollectorProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace IPFIX dfw collector profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXDFW /global-infra/ipfix-dfw-profiles: get: consumes: - application/json description: | API provides list IPFIX DFW profiles available on selected logical DFW. operationId: GlobalInfraListIPFIXDFWProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IPFIX DFW Profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXDFW /global-infra/ipfix-dfw-profiles/{ipfix-dfw-profile-id}: delete: consumes: - application/json description: | API deletes IPFIX DFW Profile. Selected IPFIX Collectors will stop receiving flows. operationId: GlobalInfraDeleteIPFIXDFWProfile parameters: - description: |- IPFIX DFW Profile ID in: path name: ipfix-dfw-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPFIX DFW Profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXDFW get: consumes: - application/json description: | API will return details of IPFIX DFW profile. operationId: GlobalInfraReadIPFIXDFWProfile parameters: - description: |- IPFIX DFW collection id in: path name: ipfix-dfw-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPFIX DFW Profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXDFW patch: consumes: - application/json description: | Create a new IPFIX DFW profile if the IPFIX DFW profile with given id does not already exist. If the IPFIX DFW profile with the given id already exists, patch with the existing IPFIX DFW profile. operationId: GlobalInfraPatchIPFIXDFWProfile parameters: - description: |- IPFIX DFW Profile ID in: path name: ipfix-dfw-profile-id required: true type: string - in: body name: IPFIXDFWProfile required: true schema: $ref: '#/definitions/IPFIXDFWProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IPFIX DFW profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXDFW put: consumes: - application/json description: | Create or replace IPFIX DFW profile. Config will start forwarding data to provided IPFIX DFW collector. operationId: GlobalInfraCreateOrReplaceIPFIXDFWProfile parameters: - description: |- IPFIX DFW Profile ID in: path name: ipfix-dfw-profile-id required: true type: string - in: body name: IPFIXDFWProfile required: true schema: $ref: '#/definitions/IPFIXDFWProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace IPFIX DFW collection Config. tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXDFW /global-infra/ipfix-l2-collector-profiles: get: consumes: - application/json description: | API will provide list of all IPFIX collector profiles and their details. operationId: GlobalInfraListIPFIXL2CollectorProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2CollectorProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IPFIX Collector profiles. tags: - Policy - Monitoring - IPFIX - Switch IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXSwitch /global-infra/ipfix-l2-collector-profiles/{ipfix-l2-collector-profile-id}: delete: consumes: - application/json description: | API deletes IPFIX collector profile. Flow forwarding to collector will be stopped. operationId: GlobalInfraDeleteIPFIXL2CollectorProfile parameters: - description: |- IPFIX collector Profile id in: path name: ipfix-l2-collector-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPFIX Collector profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXSwitch get: consumes: - application/json description: | API will return details of IPFIX collector profile. operationId: GlobalInfraReadIPFIXL2CollectorProfile parameters: - description: |- IPFIX collector profile id in: path name: ipfix-l2-collector-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2CollectorProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPFIX Collector profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXSwitch patch: consumes: - application/json description: | Create a new IPFIX collector profile if the IPFIX collector profile with given id does not already exist. If the IPFIX collector profile with the given id already exists, patch with the existing IPFIX collector profile. operationId: GlobalInfraPatchIPFIXL2CollectorProfile parameters: - description: |- IPFIX collector profile id in: path name: ipfix-l2-collector-profile-id required: true type: string - in: body name: IPFIXL2CollectorProfile required: true schema: $ref: '#/definitions/IPFIXL2CollectorProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IPFIX collector profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXSwitch put: consumes: - application/json description: | Create or Replace IPFIX collector profile. IPFIX data will be sent to IPFIX collector. operationId: GlobalInfraCreateOrReplaceIPFIXL2CollectorProfile parameters: - description: |- IPFIX collector profile id in: path name: ipfix-l2-collector-profile-id required: true type: string - in: body name: IPFIXL2CollectorProfile required: true schema: $ref: '#/definitions/IPFIXL2CollectorProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2CollectorProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace IPFIX collector profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXSwitch /global-infra/ipfix-l2-profiles: get: consumes: - application/json description: | API provides list IPFIX L2 Profiles available on selected logical l2. operationId: GlobalInfraListIPFIXL2Profiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2ProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IPFIX L2 Profiles tags: - Policy - Monitoring - IPFIX - Switch IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXSwitch /global-infra/ipfix-l2-profiles/{ipfix-l2-profile-id}: delete: consumes: - application/json description: | API deletes IPFIX L2 Profile. Flow forwarding to selected collector will be stopped. operationId: GlobalInfraDeleteIPFIXL2Profile parameters: - description: |- IPFIX L2 Profile ID in: path name: ipfix-l2-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPFIX L2 Profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXSwitch get: consumes: - application/json description: | API will return details of IPFIX L2 profile. operationId: GlobalInfraReadIPFIXL2Profile parameters: - description: |- IPFIX L2 profile id in: path name: ipfix-l2-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2Profile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPFIX L2 Profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXSwitch patch: consumes: - application/json description: | Create a new IPFIX L2 profile if the IPFIX L2 profile with given id does not already exist. If the IPFIX L2 profile with the given id already exists, patch with the existing IPFIX L2 profile. operationId: GlobalInfraPatchIPFIXL2Profile parameters: - description: |- IPFIX L2 Profile ID in: path name: ipfix-l2-profile-id required: true type: string - in: body name: IPFIXL2Profile required: true schema: $ref: '#/definitions/IPFIXL2Profile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IPFIX L2profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXSwitch put: consumes: - application/json description: | Create or replace IPFIX L2 Profile. Profile is reusable entity. Single profile can attached multiple bindings e.g group, segment and port. operationId: GlobalInfraCreateOrReplaceIPFIXL2Profile parameters: - description: |- IPFIX L2 Profile ID in: path name: ipfix-l2-profile-id required: true type: string - in: body name: IPFIXL2Profile required: true schema: $ref: '#/definitions/IPFIXL2Profile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2Profile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace IPFIX L2 profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXSwitch /global-infra/ipv6-dad-profiles: get: consumes: - application/json description: | Paginated list of all IPv6 DAD profile instances operationId: GlobalInfraListIpv6DadProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6DadProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all IPv6 DAD profiles tags: - Policy - Networking - Networking Profiles - IPV6 DAD Profiles x-vmw-nsx-module: PolicyConnectivity /global-infra/ipv6-dad-profiles/{dad-profile-id}: delete: consumes: - application/json description: |- Delete IPv6 DAD profile operationId: GlobalInfraDeleteIpv6DadProfile parameters: - in: path name: dad-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPv6 DAD profile tags: - Policy - Networking - Networking Profiles - IPV6 DAD Profiles x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read IPv6 DAD profile operationId: GlobalInfraReadIpv6DadProfile parameters: - in: path name: dad-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6DadProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read IPv6 DAD profile tags: - Policy - Networking - Networking Profiles - IPV6 DAD Profiles x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If profile with the dad-profile-id is not already present, create a new IPv6 DAD profile instance. If it already exists, update the IPv6 DAD profile instance with specified attributes. operationId: GlobalInfraPatchIpv6DadProfile parameters: - in: path name: dad-profile-id required: true type: string - in: body name: Ipv6DadProfile required: true schema: $ref: '#/definitions/Ipv6DadProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update IPv6 DAD profile tags: - Policy - Networking - Networking Profiles - IPV6 DAD Profiles x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If profile with the dad-profile-id is not already present, create a new IPv6 DAD profile instance. If it already exists, replace the IPv6 DAD profile instance with this object. operationId: GlobalInfraCreateOrReplaceIpv6DadProfile parameters: - in: path name: dad-profile-id required: true type: string - in: body name: Ipv6DadProfile required: true schema: $ref: '#/definitions/Ipv6DadProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6DadProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update IPv6 DAD profile tags: - Policy - Networking - Networking Profiles - IPV6 DAD Profiles x-vmw-nsx-module: PolicyConnectivity /global-infra/ipv6-ndra-profiles: get: consumes: - application/json description: | Paginated list of all IPv6 NDRA profile instances operationId: GlobalInfraListIpv6NdraProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6NdraProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all IPv6 NDRA profiles tags: - Policy - Networking - Networking Profiles - IPV6 NDRA Profiles x-vmw-nsx-module: PolicyConnectivity /global-infra/ipv6-ndra-profiles/{ndra-profile-id}: delete: consumes: - application/json description: |- Delete IPv6 NDRA profile operationId: GlobalInfraDeleteIpv6NdraProfile parameters: - in: path name: ndra-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPv6 NDRA profile tags: - Policy - Networking - Networking Profiles - IPV6 NDRA Profiles x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read IPv6 NDRA profile operationId: GlobalInfraReadIpv6NdraProfile parameters: - in: path name: ndra-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6NdraProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read IPv6 NDRA profile tags: - Policy - Networking - Networking Profiles - IPV6 NDRA Profiles x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If profile with the ndra-profile-id is not already present, create a new IPv6 NDRA profile instance. If it already exists, update the IPv6 NDRA profile instance with specified attributes. operationId: GlobalInfraPatchIpv6NdraProfile parameters: - in: path name: ndra-profile-id required: true type: string - in: body name: Ipv6NdraProfile required: true schema: $ref: '#/definitions/Ipv6NdraProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update IPv6 NDRA profile tags: - Policy - Networking - Networking Profiles - IPV6 NDRA Profiles x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If profile with the ndra-profile-id is not already present, create a new IPv6 NDRA profile instance. If it already exists, replace the IPv6 NDRA profile instance with this object. operationId: GlobalInfraCreateOrReplaceIpv6NdraProfile parameters: - in: path name: ndra-profile-id required: true type: string - in: body name: Ipv6NdraProfile required: true schema: $ref: '#/definitions/Ipv6NdraProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6NdraProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update IPv6 NDRA profile tags: - Policy - Networking - Networking Profiles - IPV6 NDRA Profiles x-vmw-nsx-module: PolicyConnectivity /global-infra/labels: get: consumes: - application/json description: | Paginated list of all labels for infra. operationId: GlobalInfraListPolicyLabelForInfra parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyLabelListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List labels for infra tags: - Policy - Infra - Labels x-vmw-nsx-module: PolicyLabel /global-infra/labels/{label-id}: get: consumes: - application/json description: | Read a label. operationId: GlobalInfraReadPolicyLabelForInfra parameters: - in: path name: label-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyLabel' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read lable tags: - Policy - Infra - Labels x-vmw-nsx-module: PolicyLabel /global-infra/mac-discovery-profiles: get: consumes: - application/json description: | API will list all Mac Discovery Profiles active in current discovery profile id. operationId: GlobalInfraGetMacDiscoveryProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MacDiscoveryProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Mac Discovery Profiles tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - MAC Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery /global-infra/mac-discovery-profiles/{mac-discovery-profile-id}: delete: consumes: - application/json description: | API will delete Mac Discovery profile. operationId: GlobalInfraDeleteMacDiscoveryProfile parameters: - description: |- Mac Discovery Profile ID in: path name: mac-discovery-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Mac Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - MAC Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery get: consumes: - application/json description: | API will get Mac Discovery profile. operationId: GlobalInfraGetMacDiscoveryProfile parameters: - description: |- Mac Discovery Profile ID in: path name: mac-discovery-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MacDiscoveryProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Mac Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - MAC Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery patch: consumes: - application/json description: | API will create Mac Discovery profile. operationId: GlobalInfraCreateMacDiscoveryProfile parameters: - description: |- Mac Discovery Profile ID in: path name: mac-discovery-profile-id required: true type: string - in: body name: MacDiscoveryProfile required: true schema: $ref: '#/definitions/MacDiscoveryProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Mac Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - MAC Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery put: consumes: - application/json description: | API will update Mac Discovery profile. operationId: GlobalInfraUpdateMacDiscoveryProfile parameters: - description: |- Mac Discovery Profile ID in: path name: mac-discovery-profile-id required: true type: string - in: body name: MacDiscoveryProfile required: true schema: $ref: '#/definitions/MacDiscoveryProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MacDiscoveryProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Mac Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - MAC Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery /global-infra/metadata-proxies/{metadata-proxy-id}/statistics: get: consumes: - application/json description: |- Get metadata proxy status operationId: GlobalInfraReadMetadataProxyStatistics parameters: - in: path name: metadata-proxy-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: String Path of the segment which is associated with this metadata proxy in: query name: segment_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyMetadataProxyStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get metadata proxy status tags: - Policy - Networking - Network Services - Metadata Proxy - Status x-vmw-nsx-module: PolicyMetadataProxy /global-infra/metadata-proxies/{metadata-proxy-id}/status: get: consumes: - application/json description: |- Get metadata proxy status operationId: GlobalInfraReadMetadataProxyStatus parameters: - in: path name: metadata-proxy-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: String Path of the segment which is associated with this metadata proxy in: query name: segment_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyMetadataProxyStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get metadata proxy status tags: - Policy - Networking - Network Services - Metadata Proxy - Status x-vmw-nsx-module: PolicyMetadataProxy /global-infra/pod-group-associations: get: consumes: - application/json description: | Get policy groups for which the given pod is a member. operationId: GlobalInfraGetGroupsForContainerApplicationInstance parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: ContainerApplicationInstance in: query name: pod_id required: true type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get groups for which the given pod is a member tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/port-mirroring-profiles: get: consumes: - application/json description: | API will list all port mirroring profiles group. operationId: GlobalInfraListPortMirroringProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMirroringProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port Mirroring Profiles tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyPortMirroring /global-infra/port-mirroring-profiles/{port-mirroring-profile-id}: delete: consumes: - application/json description: | API will delete port mirroring profile. Mirroring from source to destination ports will be stopped. operationId: GlobalInfraDeletePortMirroringProfile parameters: - description: |- Port Mirroring Profile Id in: path name: port-mirroring-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port Mirroring Profile tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyPortMirroring get: consumes: - application/json description: | API will return details of port mirroring profile. operationId: GlobalInfraReadPortMirroringProfile parameters: - description: |- Port Mirroring Profile Id in: path name: port-mirroring-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMirroringProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Details of Port Mirroring Profile tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyPortMirroring patch: consumes: - application/json description: | Create a new Port Mirroring Profile if the Port Mirroring Profile with given id does not already exist. If the Port Mirroring Profile with the given id already exists, patch with the existing Port Mirroring Profile. Realized entities of this API can be found using the path of monitoring profile binding map that is used to apply this profile. operationId: GlobalInfraPatchPortMirroringProfile parameters: - description: |- Port Mirroring Profile Id in: path name: port-mirroring-profile-id required: true type: string - in: body name: PortMirroringProfile required: true schema: $ref: '#/definitions/PortMirroringProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch Port Mirroring Profile. tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyPortMirroring put: consumes: - application/json description: | Create or Replace port mirroring profile. Packets will be mirrored from source group, segment, port to destination group. Realized entities of this API can be found using the path of monitoring profile binding map that is used to apply this profile. operationId: GlobalInfraCreateOrReplacePortMirroringProfile parameters: - description: |- Port Mirroring Profiles Id in: path name: port-mirroring-profile-id required: true type: string - in: body name: PortMirroringProfile required: true schema: $ref: '#/definitions/PortMirroringProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMirroringProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace Port Mirroring Profile. tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyPortMirroring /global-infra/qos-profiles: get: consumes: - application/json description: | API will list all QoS profiles. operationId: GlobalInfraListQoSProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/QoSProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List QoS Profiles tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profiles x-vmw-nsx-module: PolicyQoS /global-infra/qos-profiles/{qos-profile-id}: delete: consumes: - application/json description: | API will delete QoS profile. operationId: GlobalInfraDeleteQoSProfile parameters: - description: |- QoS profile Id in: path name: qos-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete QoS profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profiles x-vmw-nsx-module: PolicyQoS get: consumes: - application/json description: | API will return details of QoS profile. operationId: GlobalInfraReadQoSProfile parameters: - description: |- QoS profile Id in: path name: qos-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/QoSProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Details of QoS profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profiles x-vmw-nsx-module: PolicyQoS patch: consumes: - application/json description: | Create a new QoS profile if the QoS profile with given id does not already exist. If the QoS profile with the given id already exists, patch with the existing QoS profile. operationId: GlobalInfraPatchQoSProfile parameters: - description: |- QoS profile Id in: path name: qos-profile-id required: true type: string - in: body name: QoSProfile required: true schema: $ref: '#/definitions/QoSProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch QoS profile. tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profiles x-vmw-nsx-module: PolicyQoS put: consumes: - application/json description: | Create or Replace QoS profile. operationId: GlobalInfraCreateOrReplaceQoSProfile parameters: - description: |- QoS profile Id in: path name: qos-profile-id required: true type: string - in: body name: QoSProfile required: true schema: $ref: '#/definitions/QoSProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/QoSProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace QoS profile. tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profiles x-vmw-nsx-module: PolicyQoS /global-infra/realized-state/realized-entities: get: consumes: - application/json description: | Get list of realized entities associated with intent object, specified by path in query parameter operationId: GlobalInfraListRealizedEntities parameters: - description: String Path of the intent object in: query name: intent_path required: true type: string - description: Policy Path of the site in: query name: site_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResourceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get list of realized objects associated with intent object tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /global-infra/realized-state/realized-entity?action=refresh: post: consumes: - application/json description: | Refresh the status and statistics of all realized entities associated with given intent path synchronously. The vmw-async: True HTTP header cannot be used with this API. operationId: GlobalInfraRefreshRealizedState parameters: - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: String Path of the intent object in: query name: intent_path required: true type: string responses: '204': description: No Content '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Refresh all realized entities associated with the intent-path tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /global-infra/realized-state/status: get: consumes: - application/json description: | Get Consolidated Status of an intent object (with or without enforcement specific status details). The request is evaluated as follows: - <intent_path>: the request is evaluated on all enforcement points for the given intent without enforcement point specific details. - <intent_path, include_enforced_status>: the request is evaluated on all enforcement points for the given intent with enforcement point specific details. operationId: GlobalInfraReadIntentStatus parameters: - default: false description: Include Enforced Status Flag in: query name: include_enforced_status type: boolean - description: Policy Path of the intent object in: query name: intent_path required: true type: string - description: Policy Path of the site from where the realization status needs to be fetched in: query name: site_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ConsolidatedRealizedStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get consolidated status of an intent object tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /global-infra/security-global-config: get: consumes: - application/json description: | This reads the security-global-config used for NSX Manager appliance certificates. These properties are not sent to the hosts. operationId: GlobalInfraReadSecurityGlobalConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InfraSecurityConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read security global configuration x-vmw-nsx-module: Policy put: consumes: - application/json description: | This updates the security-global-config used for NSX Manager appliance certificates. These properties are not sent to the hosts. operationId: GlobalInfraUpdateSecurityGlobalConfig parameters: - in: body name: InfraSecurityConfig required: true schema: $ref: '#/definitions/InfraSecurityConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InfraSecurityConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the security global configuration x-vmw-nsx-module: Policy /global-infra/security/tls-inspection-config-profiles: get: consumes: - application/json description: |- API will list all TLS Config Profiles operationId: GlobalInfraListPolicyTlsConfigProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTlsConfigProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List TLS Config Profiles tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyTlsConfigProfile /global-infra/security/tls-inspection-config-profiles/{tls-inspection-config-profile}: delete: consumes: - application/json description: |- API will delete TLS Config Profile operationId: GlobalInfraDeletePolicyTlsConfigProfile parameters: - description: |- TLS Config Profile ID in: path name: tls-inspection-config-profile required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete TLS Config Profile tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyTlsConfigProfile get: consumes: - application/json description: |- API will get TLS Config Profile operationId: GlobalInfraGetPolicyTlsConfigProfile parameters: - description: |- TLS Config Profile ID in: path name: tls-inspection-config-profile required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTlsConfigProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get TLS Config Profile tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyTlsConfigProfile patch: consumes: - application/json description: |- API will create/update TLS Config Profile operationId: GlobalInfraPatchPolicyTlsConfigProfile parameters: - description: |- TLS Config Profile ID in: path name: tls-inspection-config-profile required: true type: string - in: body name: PolicyTlsConfigProfile required: true schema: $ref: '#/definitions/PolicyTlsConfigProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update TLS Config Profile tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyTlsConfigProfile put: consumes: - application/json description: |- API will update TLS Config Profile operationId: GlobalInfraUpdatePolicyTlsConfigProfile parameters: - description: |- TLS Config Profile ID in: path name: tls-inspection-config-profile required: true type: string - in: body name: PolicyTlsConfigProfile required: true schema: $ref: '#/definitions/PolicyTlsConfigProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTlsConfigProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update TLS Config Profile tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyTlsConfigProfile /global-infra/segment-security-profiles: get: consumes: - application/json description: | API will list all segment security profiles. operationId: GlobalInfraListSegmentSecurityProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List segment security profiles tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profiles x-vmw-nsx-module: PolicySegmentSecurity /global-infra/segment-security-profiles/{segment-security-profile-id}: delete: consumes: - application/json description: | API will delete segment security profile with the given id. operationId: GlobalInfraDeleteSegmentSecurityProfile parameters: - description: |- Segment security profile id in: path name: segment-security-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- DELETE segment security profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profiles x-vmw-nsx-module: PolicySegmentSecurity get: consumes: - application/json description: | API will return details of the segment security profile with given id. If the profile does not exist, it will return 404. operationId: GlobalInfraGetSegmentSecurityProfile parameters: - description: |- Segment security profile id in: path name: segment-security-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- GET Segment security profile id tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profiles x-vmw-nsx-module: PolicySegmentSecurity patch: consumes: - application/json description: | Create a new segment security profile if the segment security profile with given id does not exist. Otherwise, PATCH the existing segment security profile operationId: GlobalInfraPatchSegmentSecurityProfile parameters: - description: |- Segment security profile id in: path name: segment-security-profile-id required: true type: string - in: body name: SegmentSecurityProfile required: true schema: $ref: '#/definitions/SegmentSecurityProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- PATCH segment security profile id tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profiles x-vmw-nsx-module: PolicySegmentSecurity put: consumes: - application/json description: | Create or replace a segment security profile operationId: GlobalInfraCreateOrUpdateSegmentSecurityProfile parameters: - description: |- Segment security profile id in: path name: segment-security-profile-id required: true type: string - in: body name: SegmentSecurityProfile required: true schema: $ref: '#/definitions/SegmentSecurityProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- PUT segment security profile id tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profiles x-vmw-nsx-module: PolicySegmentSecurity /global-infra/segments: get: consumes: - application/json description: | Paginated list of all segments under infra. operationId: GlobalInfraListAllInfraSegments parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Segment type enum: - DVPortgroup - ALL in: query name: segment_type type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all segments under infra tags: - Policy - Networking - Connectivity - Segments - Segments x-vmw-nsx-module: PolicyConnectivity /global-infra/segments/state: get: consumes: - application/json description: | Returns all infra segments with configuration state on the enforcement point specified in the request operationId: GlobalInfraGetInfraSegmentsByState parameters: - description: Configuration state of the segment on enforcement point enum: - pending - in_progress - success - failed - partial_success - orphaned - unknown in: query name: configuration_state required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentConfigurationStateListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segments by configuration state tags: - Policy - Networking - Connectivity - Segments - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{infra-segment-id}/ports/{infra-port-id}/port-discovery-profile-binding-maps: get: consumes: - application/json description: | API will list all Infra Port Discovery Profile Binding Maps in current port id. operationId: GlobalInfraListInfraPortDiscoveryBindings parameters: - in: path name: infra-segment-id required: true type: string - in: path name: infra-port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Infra Port Discovery Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding ? /global-infra/segments/{infra-segment-id}/ports/{infra-port-id}/port-discovery-profile-binding-maps/{port-discovery-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Infra Port Discovery Profile Binding Profile operationId: GlobalInfraDeleteInfraPortDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Infra Port Discovery Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding get: consumes: - application/json description: | API will get Infra Port Discovery Profile Binding Map operationId: GlobalInfraGetInfraPortDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Infra Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding patch: consumes: - application/json description: |- API will create Infra Port Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraPatchInfraPortDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Port ID in: path name: infra-port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string - in: body name: PortDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Infra Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding put: consumes: - application/json description: |- API will update Infra Port Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraUpdateInfraPortDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string - in: body name: PortDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Infra Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /global-infra/segments/{infra-segment-id}/ports/{infra-port-id}/port-monitoring-profile-binding-maps: get: consumes: - application/json description: | API will list all Infra Port Monitoring Profile Binding Maps in current port id. operationId: GlobalInfraListInfraPortMonitoringBindings parameters: - in: path name: infra-segment-id required: true type: string - in: path name: infra-port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Infra Port Monitoring Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /global-infra/segments/{infra-segment-id}/ports/{infra-port-id}/port-monitoring-profile-binding-maps/{port-monitoring-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Infra Port Monitoring Profile Binding Profile. operationId: GlobalInfraDeleteInfraPortMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Infra Port Monitoring Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding get: consumes: - application/json description: | API will get Infra Port Monitoring Profile Binding Map. operationId: GlobalInfraGetInfraPortMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Infra Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding patch: consumes: - application/json description: |- API will create Infra Port Monitoring Profile Binding Map. operationId: GlobalInfraPatchInfraPortMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string - in: body name: PortMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Infra Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding put: consumes: - application/json description: |- API will update Infra Port Monitoring Profile Binding Map. operationId: GlobalInfraUpdateInfraPortMonitoringBinding parameters: - description: |- InfraSegment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string - in: body name: PortMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Infra Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /global-infra/segments/{infra-segment-id}/ports/{infra-port-id}/port-monitoring-profile-binding-maps/{port-monitoring-profile-binding-map-id}/mirror-stack-status : get: consumes: - application/json description: | API will get Infra Port Monitoring Profile Binding Map mirror stack status. operationId: GlobalInfraGetInfraPortMonitoringBindingMirrorStackStatus parameters: - in: path name: infra-segment-id required: true type: string - in: path name: infra-port-id required: true type: string - in: path name: port-monitoring-profile-binding-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Binding map path enforcemnt point path to remote L3 mirror session in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MirrorStackStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get mirror stack status for Infra Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /global-infra/segments/{infra-segment-id}/segment-discovery-profile-binding-maps: get: consumes: - application/json description: | API will list all Infra Segment Discovery Profile Binding Maps in current segment id. operationId: GlobalInfraListInfraSegmentDiscoveryBindings parameters: - in: path name: infra-segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Infra Segment Discovery Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding ? /global-infra/segments/{infra-segment-id}/segment-discovery-profile-binding-maps/{segment-discovery-profile-binding-map-id} : get: consumes: - application/json description: | API will get Infra Segment Discovery Profile Binding Map operationId: GlobalInfraGetInfraSegmentDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Segment Discovery Profile Binding Map ID in: path name: segment-discovery-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Infra Segment Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /global-infra/segments/{infra-segment-id}/segment-monitoring-profile-binding-maps: get: consumes: - application/json description: | API will list all Infra Segment Monitoring Profile Binding Maps in current segment id. operationId: GlobalInfraListInfraSegmentMonitoringBindings parameters: - in: path name: infra-segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Infra Segment Monitoring Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /global-infra/segments/{infra-segment-id}/segment-monitoring-profile-binding-maps/{segment-monitoring-profile-binding-map-id} : get: consumes: - application/json description: | API will get Infra Segment Monitoring Profile Binding Map. operationId: GlobalInfraGetInfraSegmentMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Segment Monitoring Profile Binding Map ID in: path name: segment-monitoring-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Infra Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /global-infra/segments/{infra-segment-id}/segment-monitoring-profile-binding-maps/{segment-monitoring-profile-binding-map-id}/mirror-stack-status : get: consumes: - application/json description: | API will get Infra Segment Monitoring Profile Binding Map mirror stack status. operationId: GlobalInfraGetInfraSegmentMonitoringBindingMirrorStackStatus parameters: - in: path name: infra-segment-id required: true type: string - in: path name: segment-monitoring-profile-binding-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Binding map path enforcemnt point path to remote L3 mirror session in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MirrorStackStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Infra Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /global-infra/segments/{segment-id}: get: consumes: - application/json description: | Read infra segment Note: Extended Segment: Please note that old vpn path deprecated. If user specify old l2vpn path in the "l2_extension" object in the PATCH API payload, the path returned in the GET response payload may include the new path instead of the deprecated l2vpn path. Both old and new l2vpn path refer to same resource. there is no functional impact. Also note that l2vpn path included in the error messages returned from validation may include the new VPN path instead of the deprecated l2vpn path. Both new path and old vpn path refer to same resource. operationId: GlobalInfraReadInfraSegment parameters: - description: |- Segment ID in: path name: segment-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Segment' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read infra segment tags: - Policy - Networking - Connectivity - Segments - Segments x-vmw-nsx-module: PolicyConnectivity /global-infra/segments/{segment-id}/arp-proxy: get: consumes: - application/json description: | Returns ARP proxy table for downlink port on connected to the segment operationId: GlobalInfraGetDownlinkPortArpProxiesForInfraSegment parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get downlink port Address Resolution Protocol Proxies for infra segment tags: - Policy - Networking - Connectivity - Segments x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/arp-proxy?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for downlink port on connected to the segment in CSV format operationId: GlobalInfraGetDownlinkPortArpProxiesForInfraSegmentInCsv parameters: - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get downlink port Address Resolution Protocol Proxies for infra segment in CSV format tags: - Policy - Networking - Connectivity - Segments x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/arp-table: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) for the interface (downlink) attaching segment to tier-0/tier-1 gateway, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GlobalInfraGetInfraSegmentInterfaceArpTable parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from segment interface (downlink) tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the interface (downlink) attaching segment to tier-0/tier-1 gateway, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GlobalInfraGetInfraSegmentInterfaceArpTableCsv parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from segment interface (downlink) in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/dhcp-static-binding-configs: get: consumes: - application/json description: | Paginated list of all DHCP static binding instances operationId: GlobalInfraListInfraSegmentDhcpStaticBinding parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all DHCP static bindings tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings x-vmw-nsx-module: PolicyConnectivity /global-infra/segments/{segment-id}/dhcp-static-binding-configs/{binding-id}: get: consumes: - application/json description: |- Read DHCP static binding operationId: GlobalInfraReadInfraSegmentDhcpStaticBinding parameters: - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP static binding tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings x-vmw-nsx-module: PolicyConnectivity /global-infra/segments/{segment-id}/dhcp-static-bindings/{binding-id}/state: get: consumes: - application/json description: |- Read DHCP static binding state operationId: GlobalInfraReadInfraSegmentDhcpStaticBindingState parameters: - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP static binding state tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/gateway-interface-arp-table: get: consumes: - application/json description: | This API is deprecated because it is duplicate. Please use /infra/segments/<segment-id>/arp-table Segment ID is the ID of the segment that is connected to the the tier-0 operationId: GlobalInfraGetDownlinkPortArpTableForInfraSegment parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table for downlink router port on tier-0 router tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/gateway-interface-arp-table?format=csv: get: consumes: - application/json description: | This API is deprecated because it is duplicate. Please use /infra/segments/<segment-id>/arp-table?format=csv Segment ID is the ID of the segment that is connected to the the tier-0 operationId: GlobalInfraGetDownlinkPortArpTableForInfraSegmentInCsv parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table for downlink router port on tier-0 router in CSV tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/gateway-interface-dad-state: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-0 operationId: GlobalInfraGetDownlinkPortDadStateForInfraSegment parameters: - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceDADState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DAD state for downlink router port on tier-0 router tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - DAD State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/gateway-interface-statistics: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-0 operationId: GlobalInfraGetDownlinkPortStatisticsForInfraSegment parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get statistics for downlink router port on tier-0 router tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/gateway-interface-statistics/summary: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-0 operationId: GlobalInfraGetDownlinkPortStatisticsSummaryForInfraSegment parameters: - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get statistics for downlink router port on tier-0 router tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/inter-site-forwarder/site-span-info: get: consumes: - application/json description: | Get infra segment cross site forwarder placement and HA statuss. operationId: GlobalInfraGetInfraSegmentCsSpanInfo parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentL2ForwarderSiteSpanInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment cross site forwarder placement and HA status tags: - Federation - Inter-Sites x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/inter-site-forwarder/status: get: consumes: - application/json description: | Get infra segment cross site traffic statistics. operationId: GlobalInfraGetInfraSegmentCsTrafficStats parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentCrossSiteTrafficStats' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment cross site traffic statistics tags: - Federation - Inter-Sites x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/mac-table: get: consumes: - application/json description: | Returns MAC table for a segment operationId: GlobalInfraGetInfraSegmentMacTable parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMacAddressListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment MAC table tags: - Policy - Networking - Connectivity - Segments - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/mac-table?format=csv: get: consumes: - application/json description: | Returns MAC table for a segment operationId: GlobalInfraGetInfraSegmentMacTableInCsv parameters: - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/MacAddressCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment MAC table in CSV tags: - Policy - Networking - Connectivity - Segments - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/ports: get: consumes: - application/json description: | List all the ports for an infra. operationId: GlobalInfraListInfraSegmentPorts parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List infra segment ports tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity /global-infra/segments/{segment-id}/ports/{port-id}: delete: consumes: - application/json description: | Delete an infra segment port by giving ID. operationId: GlobalInfraDeleteInfraSegmentPort parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete an infra segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Get detail information on an infra segment port by giving ID. operationId: GlobalInfraGetInfraSegmentPort parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPort' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port by ID tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | Create an infra segment port if it does not exist based on the IDs, or update existing port information by replacing the port object fields which presents in the request body. operationId: GlobalInfraPatchInfraSegmentPort parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - in: body name: SegmentPort required: true schema: $ref: '#/definitions/SegmentPort' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch an infra segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | Create an infra segment port if it does not exist based on the IDs, or update existing port information by replacing the port object already exists. operationId: GlobalInfraCreateOrReplaceInfraSegmentPort parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - in: body name: SegmentPort required: true schema: $ref: '#/definitions/SegmentPort' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPort' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update an infra segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity /global-infra/segments/{segment-id}/ports/{port-id}/mac-table: get: consumes: - application/json description: | Returns MAC table for a segment port operationId: GlobalInfraGetInfraSegmentPortMacTable parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortMacAddressListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get MAC table for infra segment port tags: - Policy - Networking - Connectivity - Segments - Ports - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/ports/{port-id}/mac-table?format=csv: get: consumes: - application/json description: | Returns MAC table for a segment port operationId: GlobalInfraGetInfraSegmentPortMacTableInCsv parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortMacAddressCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port MAC table in CSV tags: - Policy - Networking - Connectivity - Segments - Ports - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/ports/{port-id}/port-qos-profile-binding-maps: get: consumes: - application/json description: | API will list all Port QoS Profile Binding Maps in current port id. operationId: GlobalInfraListInfraPortQoSBindings parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port QoS Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /global-infra/segments/{segment-id}/ports/{port-id}/port-qos-profile-binding-maps/{port-qos-profile-binding-map-id}: delete: consumes: - application/json description: |- API will delete Port QoS Profile Binding Profile. operationId: GlobalInfraDeleteInfraPortQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port QoS Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding get: consumes: - application/json description: | API will get Port QoS Profile Binding Map. operationId: GlobalInfraGetInfraPortQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding patch: consumes: - application/json description: |- API will create Port QoS Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraPatchInfraPortQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string - in: body name: PortQoSProfileBindingMap required: true schema: $ref: '#/definitions/PortQoSProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding put: consumes: - application/json description: |- API will update Port QoS Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraUpdateInfraPortQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string - in: body name: PortQoSProfileBindingMap required: true schema: $ref: '#/definitions/PortQoSProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /global-infra/segments/{segment-id}/ports/{port-id}/port-security-profile-binding-maps: get: consumes: - application/json description: | API will list all port security profile binding maps. operationId: GlobalInfraListInfraSegmentPortSecurityProfileBindings parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List infra segment port security profile binding maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding ? /global-infra/segments/{segment-id}/ports/{port-id}/port-security-profile-binding-maps/{port-security-profile-binding-map-id} : delete: consumes: - application/json description: | API will delete the port security profile binding map. operationId: GlobalInfraDeleteInfraSegmentPortSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete the infra segment port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding get: consumes: - application/json description: | API will return details of the port security profile binding map. If the security profile binding map does not exist, it will return 404. operationId: GlobalInfraGetInfraSegmentPortSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding patch: consumes: - application/json description: | Create a new port security profile binding map if the given security profile binding map does not exist. Otherwise, patch the existing port security profile binding map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraPatchInfraSegmentPortSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string - in: body name: PortSecurityProfileBindingMap required: true schema: $ref: '#/definitions/PortSecurityProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch infra segment port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding put: consumes: - application/json description: | API will create or replace the port security profile binding map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraCreateOrUpdateInfraSegmentPortSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string - in: body name: PortSecurityProfileBindingMap required: true schema: $ref: '#/definitions/PortSecurityProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace the infra segment port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /global-infra/segments/{segment-id}/ports/{port-id}/state: get: consumes: - application/json description: | Returns infra segment port state on enforcement point operationId: GlobalInfraGetInfraSegmentPortState parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port state tags: - Policy - Networking - Connectivity - Segments - Ports - State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/segment-qos-profile-binding-maps: get: consumes: - application/json description: | API will list all Segment QoS Profile Binding Maps in current segment id. operationId: GlobalInfraListInfraSegmentQoSBindings parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentQoSProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Segment QoS Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /global-infra/segments/{segment-id}/segment-qos-profile-binding-maps/{segment-qos-profile-binding-map-id}: get: consumes: - application/json description: | API will get Segment QoS Profile Binding Map. operationId: GlobalInfraGetInfraSegmentQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment QoS Profile Binding Map ID in: path name: segment-qos-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Segment QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /global-infra/segments/{segment-id}/segment-security-profile-binding-maps: get: consumes: - application/json description: | API will list all segment security profile binding maps. operationId: GlobalInfraListInfraSegmentSecurityProfileBindings parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List infra segment security profile binding maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /global-infra/segments/{segment-id}/segment-security-profile-binding-maps/{segment-security-profile-binding-map-id}: get: consumes: - application/json description: | API will return details of the segment security profile binding map. If the binding map does not exist, it will return 404. operationId: GlobalInfraGetInfraSegmentSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- segment security profile binding map id in: path name: segment-security-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /global-infra/segments/{segment-id}/tep-table: get: consumes: - application/json description: | Returns TEP table for a segment operationId: GlobalInfraGetInfraSegmentTepTable parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTepListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment TEP table tags: - Policy - Networking - Connectivity - Segments - TEP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segment-id}/tep-table?format=csv: get: consumes: - application/json description: | Returns TEP table for a segment in CSV operationId: GlobalInfraGetInfraSegmentTepTableInCsv parameters: - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyTepCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment TEP table in CSV tags: - Policy - Networking - Connectivity - Segments - TEP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segments-id}/ports/{port-id}/statistics: get: consumes: - application/json description: | Get infra segment port statistics information. operationId: GlobalInfraGetInfraSegmentPortStatistics parameters: - in: path name: segments-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port statistics information tags: - Policy - Networking - Connectivity - Segments - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segments-id}/ports/{port-id}/status: get: consumes: - application/json description: | Get infra segment port status information. operationId: GlobalInfraGetInfraSegmentPortStatus parameters: - in: path name: segments-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port status information tags: - Policy - Networking - Connectivity - Segments - Status x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segments-id}/state: get: consumes: - application/json description: | Get infra segment state information. operationId: GlobalInfraGetInfraSegmentState parameters: - in: path name: segments-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentConfigurationState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment state information tags: - Policy - Networking - Connectivity - Segments - State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/segments/{segments-id}/statistics: get: consumes: - application/json description: | Get infra segment statistics information. operationId: GlobalInfraGetInfraSegmentStatistics parameters: - in: path name: segments-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment statistics information tags: - Policy - Networking - Connectivity - Segments - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/services: get: consumes: - application/json description: | Paginated list of Services for infra. operationId: GlobalInfraListServicesForTenant parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Fetch all default services in: query name: default_service type: boolean - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Services for infra tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy /global-infra/services/{service-id}: get: consumes: - application/json description: |- Read a service operationId: GlobalInfraReadServiceForTenant parameters: - description: |- Service ID in: path name: service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Service' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a service tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy /global-infra/services/{service-id}/service-entries: get: consumes: - application/json description: | Paginated list of Service entries for the given service operationId: GlobalInfraListServiceEntries parameters: - description: |- Service ID in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceEntryListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Service entries for the given service tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy /global-infra/services/{service-id}/service-entries/{service-entry-id}: get: consumes: - application/json description: |- Service entry operationId: GlobalInfraReadServiceEntry parameters: - description: |- Service ID in: path name: service-id required: true type: string - description: |- Service entry ID in: path name: service-entry-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceEntry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Service entry tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy /global-infra/session-timer-profiles/{session-timer-profile-id}/bindings: get: consumes: - application/json description: |- API will list all Session Timer Profiles bindings. operationId: GlobalInfraListSessionTimerProfileBindings parameters: - in: path name: session-timer-profile-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Session Timer Profiles tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyProfile /global-infra/settings/firewall/cpu-mem-thresholds-profile-binding-maps: get: consumes: - application/json description: | API will list all Firewall CPU Memory Thresholds Profile Binding Maps. operationId: GlobalInfraListPolicyFirewallCPUMemThresholdsProfileBindingMaps parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallCPUMemThresholdsProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall CPU Memory Thresholds Profile Binding Maps tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding /global-infra/settings/firewall/cpu-mem-thresholds-profiles: get: consumes: - application/json description: |- List all CPU and memory thresholds profiles. operationId: GlobalInfraListCPUMemThresholdsProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all CPU and memory thresholds profiles tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyProfile /global-infra/settings/firewall/cpu-mem-thresholds-profiles/{profile-id}: delete: consumes: - application/json description: |- Delete CPU and memory thresholds profile. operationId: GlobalInfraDeleteCPUMemThresholdsProfile parameters: - in: path name: profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete CPU and memory thresholds profile tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyProfile get: consumes: - application/json description: |- Read the CPU and memory thresholds profile. operationId: GlobalInfraReadCPUMemThresholdsProfile parameters: - in: path name: profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the CPU and memory thresholds profile tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyProfile patch: consumes: - application/json description: |- Create or update CPU and memory thresholds profile. operationId: GlobalInfraPatchCPUMemThresholdsProfile parameters: - in: path name: profile-id required: true type: string - in: body name: PolicyFirewallCpuMemThresholdsProfile required: true schema: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update CPU and memory thresholds profile tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyProfile put: consumes: - application/json description: |- Create or update CPU and memory thresholds profile. operationId: GlobalInfraUpdateCPUMemThresholdsProfile parameters: - in: path name: profile-id required: true type: string - in: body name: PolicyFirewallCpuMemThresholdsProfile required: true schema: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update CPU and memory thresholds profile tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyProfile /global-infra/settings/firewall/stats?action=reset: post: consumes: - application/json description: | Sets firewall rule statistics counter to zero. This operation is supported for given category, for example: DFW i.e. for all layer3 firewall (transport nodes only) rules or EDGE i.e. for all layer3 edge firewall (edge nodes only) rules. - no enforcement point path specified: On global manager, it is mandatory to give an enforcement point path. On local manager, reset of stats will be executed for each enforcement point. - {enforcement_point_path}: Reset of stats will be executed only for the given enforcement point. operationId: GlobalInfraResetRuleStats parameters: - description: Aggregation statistic category enum: - DFW - EDGE in: query name: category required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset firewall rule statistics tags: - Policy - Security - East West Security - Distributed Firewall - Statistics x-vmw-nsx-module: DfwSecurityPolicy /global-infra/sha/dynamic-plugins: get: consumes: - application/json description: | API will provide list of Sha dynamic plugins. operationId: GlobalInfraListShaDynamicPlugins parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaDynamicPluginListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- API will provide list of Sha dynamic plugin list. tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /global-infra/sha/dynamic-plugins/{plugin-id}: get: consumes: - application/json description: | Read Sha dynamic plugin. operationId: GlobalInfraReadShaDynamicPlugin parameters: - description: |- Plugin filename in: path name: plugin-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaDynamicPlugin' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Sha dynamic plugin tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /global-infra/sha/plugin-profiles: get: consumes: - application/json description: | API will provide list of SHA profile. operationId: GlobalInfraListShaPluginProfiles parameters: - description: String Path of the Policy group path in: query name: applied_to_group_path required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: String Path of the sha plugin in: query name: plugin_path required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaPluginProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- API will provide list of SHA profile. tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /global-infra/sha/plugin-profiles/{sha-profile-id}: get: consumes: - application/json description: | API will return Sha profile. operationId: GlobalInfraReadShaPluginProfile parameters: - description: |- Sha profile id in: path name: sha-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaPluginProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- API will return Sha profile tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /global-infra/sha/plugin-status/{node-id}: get: consumes: - application/json description: | Show all the installed system health plugins on given node operationId: GlobalInfraShowPluginStatusOnNode parameters: - description: | The TN node id. in: path name: node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PerNodeShaPluginStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Show the plugins status on given node. tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /global-infra/sha/pre-defined-plugins: get: consumes: - application/json description: | API will provide list of Sha dynamic plugins. operationId: GlobalInfraListShaPredefinedPlugins parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaPreDefinedPluginListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- API will provide list of Sha pre-defined list. tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /global-infra/sha/pre-defined-plugins/{plugin-id}: get: consumes: - application/json description: | Read SHA dynamic plugin. operationId: GlobalInfraReadShaPredefinedPlugin parameters: - description: |- Sha pre-defined plugin in: path name: plugin-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaPredefinedPlugin' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Sha pre-defined plugin tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /global-infra/sites: get: consumes: - application/json description: | List Sites under Infra. operationId: GlobalInfraListSites parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SiteListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Sites tags: - Federation - Sites x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/sites/listener_certificate: get: consumes: - application/json description: | Connects to the given IP and port, and, if an SSL listener is present, returns the certificate of the listener. Intent of this API is "Do you trust this certificate?". operationId: GlobalInfraGetInfraSiteListenerCertificate parameters: - description: Host name or IP address of TLS listener format: hostname-or-ip in: query name: address required: true type: string - description: TCP port number of the TLS listener format: int32 in: query maximum: 65535 minimum: 0 name: port required: true type: integer produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsListenerCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns the certificate of the listener tags: - Federation - Sites x-vmw-nsx-module: PolicySiteGM /global-infra/sites/{site-id}: get: consumes: - application/json description: | Read a site under Infra. operationId: GlobalInfraReadSite parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Site' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a site tags: - Federation - Sites x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/sites/{site-id}/enforcement-points: get: consumes: - application/json description: | Paginated list of all enforcementpoints under Site. operationId: GlobalInfraListEnforcementPointForSite parameters: - in: path name: site-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EnforcementPointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List enforcementpoints under Site tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}: get: consumes: - application/json description: | Read an Enforcement Point under Infra/Site operationId: GlobalInfraReadEnforcementPointForSite parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EnforcementPoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read an Enforcement Point under Infra/Site tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters: get: consumes: - application/json description: | Paginated list of all Edge Clusters under an Enforcement Point operationId: GlobalInfraListEdgeClustersForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyEdgeClusterListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Edge Clusters under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}: get: consumes: - application/json description: | Read a Edge Cluster under an Enforcement Point operationId: GlobalInfraReadEdgeClusterForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: edge-cluster-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyEdgeCluster' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a Edge Cluster under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}/edge-nodes: get: consumes: - application/json description: | Paginated list of all Edge Nodes under an Enforcement Point, Edge Cluster operationId: GlobalInfraListEdgeNodesUnderEdgeClusterForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: edge-cluster-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyEdgeNodeListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Edge Nodes under an Enforcement Point, Edge Cluster tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement ? /global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}/edge-nodes/{edge-node-id} : get: consumes: - application/json description: | Read a Edge Node under an Enforcement Point, Edge Cluster operationId: GlobalInfraReadEdgeNodeUnderEdgeClusterForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: edge-cluster-id required: true type: string - in: path name: edge-node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyEdgeNode' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a Edge Node under an Enforcement Point, Edge Cluster tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-zones: get: consumes: - application/json description: | Paginated list of all Transport Zones under an Enforcement Point operationId: GlobalInfraListTransportZonesForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZoneListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Transport Zones under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyTransportZone /global-infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-zones/{transport-zone-id}: get: consumes: - application/json description: | Read a Transport Zone under an Enforcement Point operationId: GlobalInfraReadTransportZoneForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-zone-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZone' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a Transport Zone under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyTransportZone /global-infra/span: get: consumes: - application/json description: |- Get span for an entity with specified path. operationId: GlobalInfraGetSpan parameters: - description: String Path of the intent object in: query name: intent_path required: true type: string - description: Policy Path of the site in: query name: site_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Span' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get span for an entity with specified path tags: - Federation - Sites x-vmw-nsx-module: PolicySitesSpan /global-infra/spoofguard-profiles: get: consumes: - application/json description: | API will list all SpoofGuard profiles. operationId: GlobalInfraListSpoofGuardProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SpoofGuardProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List SpoofGuard profiles tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Spoofguard Profiles x-vmw-nsx-module: PolicySpoofGuard /global-infra/spoofguard-profiles/{spoofguard-profile-id}: delete: consumes: - application/json description: | API will delete SpoofGuard profile with the given id. operationId: GlobalInfraDeleteSpoofGuardProfile parameters: - description: |- SpoofGuard profile id in: path name: spoofguard-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete SpoofGuard profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Spoofguard Profiles x-vmw-nsx-module: PolicySpoofGuard get: consumes: - application/json description: | API will return details of the SpoofGuard profile with given id. If the profile does not exist, it will return 404. operationId: GlobalInfraGetSpoofGuardProfile parameters: - description: |- SpoofGuard profile id in: path name: spoofguard-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SpoofGuardProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get SpoofGuard profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Spoofguard Profiles x-vmw-nsx-module: PolicySpoofGuard patch: consumes: - application/json description: | Create a new SpoofGuard profile if the SpoofGuard profile with the given id does not exist. Otherwise, patch with the existing SpoofGuard profile. operationId: GlobalInfraPatchSpoofGuardProfile parameters: - description: |- SpoofGuard profile id in: path name: spoofguard-profile-id required: true type: string - in: body name: SpoofGuardProfile required: true schema: $ref: '#/definitions/SpoofGuardProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch SpoofGuard profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Spoofguard Profiles x-vmw-nsx-module: PolicySpoofGuard put: consumes: - application/json description: | API will create or replace SpoofGuard profile. operationId: GlobalInfraCreateOrUpdateSpoofGuardProfile parameters: - description: |- SpoofGuard profile id in: path name: spoofguard-profile-id required: true type: string - in: body name: SpoofGuardProfile required: true schema: $ref: '#/definitions/SpoofGuardProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SpoofGuardProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace SpoofGuard profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Spoofguard Profiles x-vmw-nsx-module: PolicySpoofGuard /global-infra/tier-0s: get: consumes: - application/json description: | Paginated list of all Tier-0s operationId: GlobalInfraListTier0s parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0ListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-0s tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Gateways x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}: get: consumes: - application/json description: |- Read Tier-0 operationId: GlobalInfraReadTier0 parameters: - in: path name: tier-0-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Gateways x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/arp-proxies: get: consumes: - application/json description: | Returns ARP proxy table for a tier-0 operationId: GlobalInfraGetTier0GatewayArpProxies parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-0 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/arp-proxies?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for a tier-0 in CSV format operationId: GlobalInfraGetTier0GatewayArpProxiesInCsv parameters: - in: path name: tier-0-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 Address Resolution Protocol Proxies in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/community-lists: get: consumes: - application/json description: | Paginated list of all community lists under a tier-0 operationId: GlobalInfraListCommunityList parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunityListListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List BGP community lists tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Community Lists x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/community-lists/{community-list-id}: get: consumes: - application/json description: |- Read a BGP community list operationId: GlobalInfraReadCommunityList parameters: - in: path name: tier-0-id required: true type: string - in: path name: community-list-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunityList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a BGP community list tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Community Lists x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/dns-forwarder: get: consumes: - application/json description: |- Read the DNS Forwarder for the given tier-0 instance operationId: GlobalInfraReadPolicyDnsForwarderOnTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarder' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the DNS Forwarder for the given tier-0 instance tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDnsForwarder post: consumes: - application/json description: | Perform the specified action for Tier0 DNS forwarder on specified enforcement point. operationId: GlobalInfraPerformEPActionForDnsForwarderAtTier0 parameters: - in: path name: tier-0-id required: true type: string - description: An action to be performed for DNS forwarder on EP enum: - clear_cache in: query name: action required: true type: string - default: /infra/sites/default/enforcement-points/default description: An enforcement point path, on which the action is to be performed in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Perform the specified DNS forwarder action tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDnsForwarder /global-infra/tier-0s/{tier-0-id}/dns-forwarder/nslookup: get: consumes: - application/json description: | Query the nameserver for an ip-address or a FQDN of the given an address optionally using an specified DNS server. If the address is a fqdn, nslookup will resolve ip-address with it. If the address is an ip-address, do a reverse lookup and answer fqdn(s). If enforcement point is specified, then DNS forwarder nslookup answer will get fetched from specified enforcement point. Otherwise from all enforcement points. operationId: GlobalInfraLookupAddressViaTier0DNSForwarder parameters: - in: path name: tier-0-id required: true type: string - description: IP address or FQDN for nslookup in: query name: address required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregatePolicyDnsAnswer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Resolve a given address via the dns forwarder at Tier0 tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDnsForwarder /global-infra/tier-0s/{tier-0-id}/dns-forwarder/statistics: get: consumes: - application/json description: | Get statistics of tier-0 DNS forwarder. - no enforcement point path specified: Statistics will be evaluated on each enforcement point. - {enforcement_point_path}: Statistics are evaluated only on the given enforcement point. operationId: GlobalInfraGetTier0DNSForwarderStatistics parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateDNSForwarderStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 DNS forwarder statistics tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDNSStatistics /global-infra/tier-0s/{tier-0-id}/dns-forwarder/status: get: consumes: - application/json description: | Get current status of tier-0 DNS forwarder. - no enforcement point path specified: Status will be evaluated on each enforcement point. - {enforcement_point_path}: Status will be evaluated only on the given enforcement point. operationId: GlobalInfraGetTier0DNSForwarderStatus parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateDNSForwarderStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get current status of tier-0 DNS forwarder tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDNSStatistics /global-infra/tier-0s/{tier-0-id}/forwarding-table: get: consumes: - application/json description: | Get forwarding table from tier-0 operationId: GlobalInfraGetTier0ForwardingTable parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoutingTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get forwarding table from tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Forwarding Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/forwarding-table?format=csv: get: consumes: - application/json description: | Get forwarding table from tier-0 gateway in CSV format. operationId: GlobalInfraGetTier0ForwardingTableCsv parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/GatewayRouteTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get forwarding table from tier-0 in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Forwarding Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/gateway-firewall: get: consumes: - application/json description: | Get filtered view of gateway rules associated with the Tier-0. The gateay policies are returned in the order of category and precedence. operationId: GlobalInfraViewTier0GatewayFirewall parameters: - in: path name: tier-0-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get list of gateway policies with rules that belong to the specific Tier-0 logical router. tags: - Policy - Security - North South Security - Gateway Firewall - Tier-0 Gateways x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/tier-0s/{tier-0-id}/groups: get: consumes: - application/json description: | Paginated list of all Groups for Tier-0. operationId: GlobalInfraListTier0Group parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Comma Seperated Member types in: query name: member_types required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Groups for Tier-0 tags: - Policy - Inventory - Groups - Gateway Firewall Groups x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/tier-0s/{tier-0-id}/groups/{group-id}: get: consumes: - application/json description: |- Read Tier-0 Group operationId: GlobalInfraReadTier0Group parameters: - in: path name: tier-0-id required: true type: string - in: path name: group-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Group' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-0 Group tags: - Policy - Inventory - Groups - Gateway Firewall Groups x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/tier-0s/{tier-0-id}/groups/{group-id}/members/ip-addresses: get: consumes: - application/json description: | Get IP addresses that belong to this Tier-0 Group. This API is applicable for Groups containing either VirtualMachine, VIF, Segment ,Segment Port or IP Address member type.For Groups containing other member types,an empty list is returned operationId: GlobalInfraGetProviderGroupIPMembers parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupIPMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IP addresses that belong to this Tier-0 Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/tier-0s/{tier-0-id}/groups/{group-id}/members/virtual-machines: get: consumes: - application/json description: | Get Virtual machines that belong to this Tier-0 Group. This API is applicable for Groups containing VirtualMachine member type. For Groups containing other member types,an empty list is returned. operationId: GlobalInfraGetProviderGroupVMMembers parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedVirtualMachineListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Virtual machines that belong to this Tier-0 Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/statistics: post: consumes: - application/json description: | Resets the statistics of the given VPN session. Since source of data is enforcement point, data is reset there. operationId: GlobalInfraResetTier0VpnIPSecVpnSessionStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: Action on statistics enum: - reset in: query name: action required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset the statistics of the given VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics /global-infra/tier-0s/{tier-0-id}/locale-services: get: consumes: - application/json description: | Paginated list of all Tier-0 locale-services operationId: GlobalInfraListTier0LocaleServices parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LocaleServicesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-0 locale-services tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Locale Services x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/arp-proxies: get: consumes: - application/json description: | This API is deprecated. Please use /infra/tier-0s/<tier-0-id>/arp-proxies Returns ARP proxy table for a tier-0 operationId: GlobalInfraGetTier0ArpProxies parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-0 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp: delete: consumes: - application/json description: | Deletes the specified overridden BgpRoutingConfig. If the BgpRoutingConfig is not overridden, it won't get deleted. operationId: GlobalInfraDeleteOverriddenBgpRoutingConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete overridden BGP routing config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read BGP routing config operationId: GlobalInfraReadBgpRoutingConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpRoutingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read BGP routing config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If an BGP routing config not present, create BGP routing config. If it already exists, update the routing config. operationId: GlobalInfraPatchBgpRoutingConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: body name: BgpRoutingConfig required: true schema: $ref: '#/definitions/BgpRoutingConfig' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update BGP routing config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If BGP routing config is not already present, create BGP routing config. If it already exists, replace the BGP routing config with this object. operationId: GlobalInfraCreateOrReplaceBgpRoutingConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: body name: BgpRoutingConfig required: true schema: $ref: '#/definitions/BgpRoutingConfig' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpRoutingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BGP routing config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors: get: consumes: - application/json description: | Paginated list of all BGP neighbor configurations operationId: GlobalInfraListBgpNeighborConfigs parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List BGP neighbor configurations tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/status: get: consumes: - application/json description: | Returns the status of all the BGP neighbors for the given Tier0. To get BGP neighbor status for a particular enforcement point, parameter "enforcement_point_path=<enforcement_point_path>" needs to be specified. If an enforcement_point is unspecified, then bgp neighbor status for all enforcement points is fetched. To get BGP neighbors status for the logical router from particular edge node, parameter "edge_path=<edge_path>" needs to be specified. If an edge_path is unspecified, then bgp neighbor status for all edges is fetched. operationId: GlobalInfraGetTier0BgpNeighborsStatus parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyBgpNeighborsStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get BGP neighbor status for the Tier0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/{neighbor-id}: delete: consumes: - application/json description: |- Delete BGP neighbor config operationId: GlobalInfraDeleteBgpNeighborConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete BGP neighbor config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read BGP neighbor config operationId: GlobalInfraReadBgpNeighborConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read BGP neighbor config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If BGP neighbor config with the neighbor-id is not already present, create a new neighbor config. If it already exists, replace the BGP neighbor config with this object. operationId: GlobalInfraPatchBgpNeighborConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - in: body name: BgpNeighborConfig required: true schema: $ref: '#/definitions/BgpNeighborConfig' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BGP neighbor config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If BGP neighbor config with the neighbor-id is not already present, create a new neighbor config. If it already exists, replace the BGP neighbor config with this object. operationId: GlobalInfraCreateOrReplaceBgpNeighborConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - in: body name: BgpNeighborConfig required: true schema: $ref: '#/definitions/BgpNeighborConfig' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BGP neighbor config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/{neighbor-id}/advertised-routes: get: consumes: - application/json description: | Returns routes advertised by BGP neighbor from all edge transport nodes on which this neighbor is currently enabled. The query parameter "source=cached" is not supported. operationId: GlobalInfraGetTier0BgpNeighborAdvertisedRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - default: 1000 description: Number of routes to retrieve format: int32 in: query minimum: 1 name: count type: integer - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborRoutesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get BGP neighbor advertised routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivityStatistics ? /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/{neighbor-id}/advertised-routes?format=csv : get: consumes: - application/json description: | Returns routes advertised by BGP neighbor from all edge transport nodes on which this neighbor is currently enabled in CSV format. Routes from all enforcement points are returned. operationId: GlobalInfraGetTier0BgpNeighborAdvertisedRoutesInCsvFormat parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - default: 1000 description: Number of routes to retrieve format: int32 in: query minimum: 1 name: count type: integer - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborRouteDetailsInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get BGP neighbor advertised routes in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/{neighbor-id}/routes: get: consumes: - application/json description: | Returns routes learned by BGP neighbor from all edge nodes on which this neighbor is currently enabled. operationId: GlobalInfraGetTier0BgpNeighborRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - default: 1000 description: Number of routes to retrieve format: int32 in: query minimum: 1 name: count type: integer - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborRoutesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get routes learned by BGP neighbor tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/{neighbor-id}/routes?format=csv: get: consumes: - application/json description: | Returns routes learned by BGP neighbor from all edge nodes on which this neighbor is currently enabled. Routes from all enforcement points are returned. operationId: GlobalInfraGetTier0BgpNeighborRoutesInCsvFormat parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - default: 1000 description: Number of routes to retrieve format: int32 in: query minimum: 1 name: count type: integer - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborRouteDetailsInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get routes learned by BGP neighbor in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces: get: consumes: - application/json description: | Paginated list of all Tier-0 Interfaces operationId: GlobalInfraListTier0Interfaces parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0InterfaceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-0 Interfaces tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}: delete: consumes: - application/json description: |- Delete Tier-0 interface operationId: GlobalInfraDeleteTier0Interface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Tier-0 interface operationId: GlobalInfraReadTier0Interface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0Interface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If an interface with the interface-id is not already present, create a new interface. If it already exists, update the interface for specified attributes. operationId: GlobalInfraPatchTier0Interface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - in: body name: Tier0Interface required: true schema: $ref: '#/definitions/Tier0Interface' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If an interface with the interface-id is not already present, create a new interface. If it already exists, replace the interface with this object. operationId: GlobalInfraCreateOrReplaceTier0Interface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - in: body name: Tier0Interface required: true schema: $ref: '#/definitions/Tier0Interface' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0Interface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-proxy: get: consumes: - application/json description: | Returns ARP proxy table for a tier-0 interface. Interfaces can be of types - EXTERNAL and SERVICE. Interfaces of type LOOBACK and downlink are not supported. operationId: GlobalInfraGetTier0InterfaceArpProxies parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 Interface Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-proxy?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for a tier-0 interface in CSV format. Interfaces can be of types - EXTERNAL and SERVICE. Interfaces of type LOOBACK and downlink are not supported. operationId: GlobalInfraGetTier0InterfaceArpProxiesInCsv parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 Interface Address Resolution Protocol Proxies in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-table: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) for the tier-0 interface, on a edge node if a query parameter "edge_path=<policy-edge-path>" is given. The edge_path parameter is mandatory if the interface type is not EXTERNAL. operationId: GlobalInfraGetTier0InterfaceArpTable parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the tier-0 interface, on a edge node if a query parameter "edge_path=<policy-edge-path>" is given. The edge_path parameter is mandatory if the interface type is not EXTERNAL. operationId: GlobalInfraGetTier0InterfaceArpTableCsv parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-0 interface in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/dad-state: get: consumes: - application/json description: | Get tier-0 interface DAD state information. operationId: GlobalInfraGetTier0InterfaceDADState parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceDADState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DAD status by interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - DAD State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/statistics: get: consumes: - application/json description: | Get tier-0 interface statistics information. operationId: GlobalInfraGetTier0InterfaceStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 interface statistics information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/statistics/summary: get: consumes: - application/json description: | Get tier-0 interface statistics summary information. operationId: GlobalInfraGetTier0InterfaceStatisticsSummary parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 interface statistics summary information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/service-interfaces: get: consumes: - application/json description: | Paginated list of all Service Interfaces operationId: GlobalInfraListServiceInterfaces parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInterfaceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Service Interfaces tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/service-interfaces/{interface-id}: get: consumes: - application/json description: |- Read service interface operationId: GlobalInfraReadServiceInterface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInterface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read service interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/tier-0-deployment-maps: get: consumes: - application/json description: | Paginated list of all Tier-0 Deployment Entries. operationId: GlobalInfraListTier0DeploymentMaps parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0DeploymentMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-0 Deployment maps tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/tier-0-deployment-maps/{tier-0-deployment-map-id}: get: consumes: - application/json description: | Read a Tier-0 Deployment Map operationId: GlobalInfraReadTier0DeploymentMap parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: tier-0-deployment-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0DeploymentMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a Tier-0 Deployment Map tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}: get: consumes: - application/json description: |- Read Tier-0 locale-services operationId: GlobalInfraReadTier0LocaleServices parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LocaleServices' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-0 locale-services tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Locale Services x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/gateway-firewall: get: consumes: - application/json description: | Get filtered view of Gateway Firewall rules associated with the Tier-0 Locale Services. The gateway policies are returned in the order of category and sequence number. operationId: GlobalInfraViewTier0LocaleServicesGatewayFirewall parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get list of gateway policies with rules that belong to the specific Tier-0 LocalServices. tags: - Policy - Security - North South Security - Gateway Firewall - Tier-0 Gateways x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/inter-site/bgp-summary: get: consumes: - application/json description: | Get RTEP span and mac address-table. operationId: GlobalInfraGetPolicyInterSiteBgpSummary parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyEdgeClusterInterSiteBgpSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get RTEP span and mac address-table tags: - Federation - Inter-Sites x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/inter-site/status: get: consumes: - application/json description: | Get RTEP mesh connectivity status. operationId: GlobalInfraGetPolicyInterSiteStatus parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyEdgeClusterInterSiteStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get RTEP mesh connectivity status tags: - Federation - Inter-Sites x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/nat: get: consumes: - application/json description: | List all NAT sections under the given Tier-0 ID. For more details related to NAT section please refer to PolicyNAT schema. operationId: GlobalInfraListPolicyNatOnTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Policy NAT types. tags: - Policy - Networking - Network Services - NAT - Rules - Tier-0 Gateways x-vmw-nsx-module: PolicyNAT /global-infra/tier-0s/{tier-0-id}/nat/statistics: get: consumes: - application/json description: |- List NAT Rules Statistics from Tier-0 denoted by Tier-0 ID. operationId: GlobalInfraListPolicyNatRulesStatisticsFromTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleStatisticsPerLogicalRouterListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List NAT Rules Statistics tags: - Policy - Networking - Network Services - NAT - Statistics x-vmw-nsx-module: PolicyNAT /global-infra/tier-0s/{tier-0-id}/nat/{nat-id}/nat-rules: get: consumes: - application/json description: | List NAT Rules from Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PATCH/PUT API, the path returned in the GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: GlobalInfraListPolicyNatRulesFromTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List NAT Rules tags: - Policy - Networking - Network Services - NAT - Rules - Tier-0 Gateways x-vmw-nsx-module: PolicyNAT /global-infra/tier-0s/{tier-0-id}/nat/{nat-id}/nat-rules/{nat-rule-id}: get: consumes: - application/json description: | Get NAT Rule from Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PUT/PATCH API, the path returned in the GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: GlobalInfraGetPolicyNatRuleFromTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NAT Rule tags: - Policy - Networking - Network Services - NAT - Rules - Tier-0 Gateways x-vmw-nsx-module: PolicyNAT /global-infra/tier-0s/{tier-0-id}/nat/{nat-id}/nat-rules/{nat-rule-id}/statistics: get: consumes: - application/json description: | Get NAT Rule Statistics from Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. operationId: GlobalInfraGetPolicyNatRuleStatisticsFromTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string - description: Action on statistics enum: - aggregate in: query name: action required: false type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NAT Rule Statistics tags: - Policy - Networking - Network Services - NAT - Statistics x-vmw-nsx-module: PolicyNAT /global-infra/tier-0s/{tier-0-id}/prefix-lists: get: consumes: - application/json description: | Paginated list of all prefix lists operationId: GlobalInfraListPrefixLists parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PrefixListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List prefix lists tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Prefix List x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/prefix-lists/{prefix-list-id}: get: consumes: - application/json description: |- Read a prefix list operationId: GlobalInfraReadPrefixList parameters: - in: path name: tier-0-id required: true type: string - in: path name: prefix-list-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PrefixList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a prefix list tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Prefix List x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/route-maps: get: consumes: - application/json description: | Paginated list of all route maps under a tier-0 operationId: GlobalInfraListAllRouteMaps parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0RouteMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List route maps tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Route Maps x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/route-maps/{route-map-id}: get: consumes: - application/json description: |- Read a route map operationId: GlobalInfraGetRouteMap parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0RouteMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a route map tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Route Maps x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/routing-table: get: consumes: - application/json description: | Get routing table from tier-0 operationId: GlobalInfraGetTier0Routes parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoutingTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get routing table from tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Routing Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/routing-table?format=csv: get: consumes: - application/json description: | Get routing table from tier-0 gateway in CSV format. operationId: GlobalInfraGetTier0RoutesCsv parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/GatewayRouteTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get routing table from tier-0 in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Routing Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/state: get: consumes: - application/json description: | Returns operationId: GlobalInfraGetTier0State parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Interface path for interface specific state such as IPv6 DAD state in: query name: interface_path type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Returns specific information based on the value specified. enum: - GATEWAY_STATE - GATEWAY_STATUS - IPV6_STATUS in: query name: type type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0GatewayState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier0 state tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/static-routes: get: consumes: - application/json description: | Paginated list of all Tier-0 Static Routes operationId: GlobalInfraListTier0StaticRoutes parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-0 Static Routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/static-routes/bfd-peers: get: consumes: - application/json description: | Paginated list of all StaticRouteBfdPeers. operationId: GlobalInfraListStaticRouteBfdPeer parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRouteBfdPeerListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List StaticRouteBfdPeers tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes BFD Peers x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/static-routes/bfd-peers/{bfd-peer-id}: get: consumes: - application/json description: | Read a StaticRouteBfdPeer with the bfd-peer-id. operationId: GlobalInfraReadStaticRouteBfdPeer parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- BFD peer ID in: path name: bfd-peer-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRouteBfdPeer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a StaticRouteBfdPeer tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes BFD Peers x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/static-routes/{route-id}: get: consumes: - application/json description: |- Read Tier-0 static routes operationId: GlobalInfraReadTier0StaticRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutes' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-0 static routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If static routes for route-id are not already present, create static routes. If it already exists, replace the static routes for route-id. operationId: GlobalInfraCreateOrReplaceTier0StaticRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-id required: true type: string - in: body name: StaticRoutes required: true schema: $ref: '#/definitions/StaticRoutes' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutes' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 static routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-0s/{tier-0-id}/tier-1-interface/arp-table: get: consumes: - application/json description: | Get tier-0 interface arp information. operationId: GlobalInfraGetTier0RouterLinkArpTable parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Policy path of tier1 in: query name: tier1_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 router link arp information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/tier-1-interface/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the tier-0 router link interface, on a edge node. The edge_path parameter is mandatory if the interface type is not EXTERNAL. operationId: GlobalInfraGetTier0RouterLinkArpTableCsv parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Policy path of tier1 in: query name: tier1_path required: true type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-0 router link interface in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/tier-1-interface/statistics: get: consumes: - application/json description: | Get tier-0 interface statistics information. operationId: GlobalInfraGetTier0RouterLinkStatistics parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Policy path of tier1 in: query name: tier1_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 router link statistics information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier-0-id}/tier-1-interface/statistics/summary: get: consumes: - application/json description: | Get tier-0 interface statistics summary information. operationId: GlobalInfraGetTier0RouterLinkSummaryStatistics parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Policy path of tier1 in: query name: tier1_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 router link statistics summary information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-0s/{tier0-id}/flood-protection-profile-bindings/{flood-protection-profile-binding-id}: get: consumes: - application/json description: | API will get Flood Protection Profile Binding Map for Tier-0 Logical Router. operationId: GlobalInfraGetTier0FloodProtectionProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Flood Protection Profile Binding Map for Tier-0 Logical Router tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding ? /global-infra/tier-0s/{tier0-id}/locale-services/{locale-services-id}/flood-protection-profile-bindings/{flood-protection-profile-binding-id} : get: consumes: - application/json description: | API will get Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices. operationId: GlobalInfraGetTier0LocaleServicesFloodProtectionProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding ? /global-infra/tier-0s/{tier0-id}/locale-services/{locale-services-id}/session-timer-profile-bindings/{session-timer-profile-binding-id} : get: consumes: - application/json description: | API will get Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices. operationId: GlobalInfraGetTier0LocaleServicesSessionTimerProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding /global-infra/tier-0s/{tier0-id}/session-timer-profile-bindings/{session-timer-profile-binding-id}: get: consumes: - application/json description: | API will get Session Timer Profile Binding Map for Tier-0 Logical Router. operationId: GlobalInfraGetTier0SessionTimerProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Session Timer Profile Binding Map for Tier-0 Logical Router tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding /global-infra/tier-1s: get: consumes: - application/json description: | Paginated list of all Tier-1 instances operationId: GlobalInfraListTier1 parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1ListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-1 instances tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Gateways x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}: get: consumes: - application/json description: |- Read Tier-1 configuration operationId: GlobalInfraReadTier1 parameters: - in: path name: tier-1-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-1 configuration tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Gateways x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/arp-proxies: get: consumes: - application/json description: | Returns ARP proxy table for a tier-1 operationId: GlobalInfraGetTier1GatewayArpProxies parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-1 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/arp-proxies?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for a tier-1 in CSV format operationId: GlobalInfraGetTier1GatewayArpProxiesInCsv parameters: - in: path name: tier-1-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 Address Resolution Protocol Proxies in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/dns-forwarder: get: consumes: - application/json description: |- Read the DNS Forwarder for the given tier-1 instance operationId: GlobalInfraReadPolicyDnsForwarderOnTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarder' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the DNS Forwarder for the given tier-1 instance tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDnsForwarder post: consumes: - application/json description: | Perform the specified action for Tier0 DNS forwarder on specified enforcement point. operationId: GlobalInfraPerformEPActionForDnsForwarderAtTier1 parameters: - in: path name: tier-1-id required: true type: string - description: An action to be performed for DNS forwarder on EP enum: - clear_cache in: query name: action required: true type: string - default: /infra/sites/default/enforcement-points/default description: An enforcement point path, on which the action is to be performed in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Perform the specified DNS forwarder action tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDnsForwarder /global-infra/tier-1s/{tier-1-id}/dns-forwarder/nslookup: get: consumes: - application/json description: | Query the nameserver for an ip-address or a FQDN of the given an address optionally using an specified DNS server. If the address is a fqdn, nslookup will resolve ip-address with it. If the address is an ip-address, do a reverse lookup and answer fqdn(s). If enforcement point is specified, then DNS forwarder nslookup answer will get fetched from specified enforcement point. Otherwise from all enforcement points. operationId: GlobalInfraLookupAddressViaTier1DNSForwarder parameters: - in: path name: tier-1-id required: true type: string - description: IP address or FQDN for nslookup in: query name: address required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregatePolicyDnsAnswer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Resolve a given address via the dns forwarder at Tier1 tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDnsForwarder /global-infra/tier-1s/{tier-1-id}/dns-forwarder/statistics: get: consumes: - application/json description: | Get statistics of tier-1 DNS forwarder. - no enforcement point path specified: Statistics will be evaluated on each enforcement point. - {enforcement_point_path}: Statistics are evaluated only on the given enforcement point. operationId: GlobalInfraGetTier1DNSForwarderStatistics parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateDNSForwarderStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 DNS forwarder statistics tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDNSStatistics /global-infra/tier-1s/{tier-1-id}/dns-forwarder/status: get: consumes: - application/json description: | Get current status of tier-1 DNS forwarder. - no enforcement point path specified: Status will be evaluated on each enforcement point. - {enforcement_point_path}: Status will be evaluated only on the given enforcement point. operationId: GlobalInfraGetTier1DNSForwarderStatus parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateDNSForwarderStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get current status of tier-1 DNS forwarder tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDNSStatistics /global-infra/tier-1s/{tier-1-id}/forwarding-table: get: consumes: - application/json description: | Get forwarding table from tier-1 operationId: GlobalInfraGetTier1ForwardingTable parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoutingTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get forwarding table from tier-1 tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Forwarding Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/forwarding-table?format=csv: get: consumes: - application/json description: | Get forwarding table from tier-1 gateway in CSV format. operationId: GlobalInfraGetTier1ForwardingTableCsv parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/GatewayRouteTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get forwarding table from tier-1 in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Forwarding Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/gateway-firewall: get: consumes: - application/json description: | Get filtered view of Gateway Firewall rules associated with the Tier-1. The gateway policies are returned in the order of category and sequence number. operationId: GlobalInfraViewTier1GatewayFirewall parameters: - in: path name: tier-1-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get list of gateway policies with rules that belong to the specific Tier-1. tags: - Policy - Security - North South Security - Gateway Firewall - Tier-1 Gateways x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/statistics: post: consumes: - application/json description: | Resets the statistics of the given VPN session. Since source of data is enforcement point, data is reset there. operationId: GlobalInfraResetTier1VpnIPSecVpnSessionStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: Action on statistics enum: - reset in: query name: action required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset the statistics of the given VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics /global-infra/tier-1s/{tier-1-id}/locale-services: get: consumes: - application/json description: | Paginated list of all Tier-1 locale-services operationId: GlobalInfraListTier1LocaleServices parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LocaleServicesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-1 locale-services tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Locale Services x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/arp-proxies: get: consumes: - application/json description: | This API is deprecated. Please use /infra/tier-1s/<tier-1-id>/arp-proxies Returns ARP proxy table for a tier-1 operationId: GlobalInfraGetTier1ArpProxies parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-1 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-proxy: get: consumes: - application/json description: | Returns ARP proxy table for a tier-1 interface operationId: GlobalInfraGetTier1InterfaceArpProxies parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 Interface Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-proxy?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for a tier-1 interface in CSV format operationId: GlobalInfraGetTier1InterfaceArpProxiesInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 Interface Address Resolution Protocol Proxies in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-table: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) for the tier-1 interface, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GlobalInfraGetTier1InterfaceArpTable parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-1 interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the tier-1 interface, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GlobalInfraGetTier1InterfaceArpTableCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-1 interface in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/dad-state: get: consumes: - application/json description: | Get tier-1 interface DAD state information. operationId: GlobalInfraGetTier1InterfaceDADState parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceDADState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DAD status by interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - DAD State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/statistics: get: consumes: - application/json description: | Get tier-1 interface statistics information. operationId: GlobalInfraGetTier1InterfaceStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 interface statistics information tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/statistics/summary: get: consumes: - application/json description: | Get tier-1 interface statistics information. operationId: GlobalInfraGetTier1InterfaceStatisticsSummary parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 interface statistics summary information tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/service-interfaces: get: consumes: - application/json description: | Paginated list of all Tier 1 Service Interfaces operationId: GlobalInfraListTier1ServiceInterfaces parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInterfaceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier 1 Service Interfaces tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/service-interfaces/{interface-id}: get: consumes: - application/json description: |- Read Tier 1 service interface operationId: GlobalInfraReadTier1ServiceInterface parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInterface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier 1 service interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}: get: consumes: - application/json description: |- Read Tier-1 locale-services operationId: GlobalInfraReadTier1LocaleServices parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LocaleServices' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-1 locale-services tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Locale Services x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/gateway-firewall: get: consumes: - application/json description: | Get filtered view of Gateway Firewall rules associated with the Tier-1 Locale Services. The gateway policies are returned in the order of category and sequence number. operationId: GlobalInfraViewTier1LocaleServicesGatewayFirewall parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get list of gateway policies with rules that belong to the specific Tier-1 LocalServices. tags: - Policy - Security - North South Security - Gateway Firewall - Tier-1 Gateways x-vmw-nsx-module: PolicyEdgeFirewall /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/interfaces: get: consumes: - application/json description: | Paginated list of all Tier-1 interfaces operationId: GlobalInfraListTier1Interfaces parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1InterfaceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-1 interfaces tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/interfaces/{interface-id}: get: consumes: - application/json description: |- Read Tier-1 interface operationId: GlobalInfraReadTier1Interface parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: interface-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1Interface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-1 interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/nat: get: consumes: - application/json description: | List all NAT sections under the given Tier-1 ID. For more details related to NAT section please refer to PolicyNAT schema. operationId: GlobalInfraListPolicyNatOnTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Policy NAT types. tags: - Policy - Networking - Network Services - NAT - Rules - Tier-1 Gateways x-vmw-nsx-module: PolicyNAT /global-infra/tier-1s/{tier-1-id}/nat/statistics: get: consumes: - application/json description: |- List NAT Rules Statistics from Tier-1 denoted by Tier-1 ID. operationId: GlobalInfraListPolicyNatRulesStatisticsFromTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleStatisticsPerLogicalRouterListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List NAT Rules Statistics tags: - Policy - Networking - Network Services - NAT - Statistics x-vmw-nsx-module: PolicyNAT /global-infra/tier-1s/{tier-1-id}/nat/{nat-id}/nat-rules: get: consumes: - application/json description: | List NAT Rules from Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PATCH/PUT PoliycNatRule API, the path returned in the GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: GlobalInfraListPolicyNatRules parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List NAT Rules tags: - Policy - Networking - Network Services - NAT - Rules - Tier-1 Gateways x-vmw-nsx-module: PolicyNAT /global-infra/tier-1s/{tier-1-id}/nat/{nat-id}/nat-rules/{nat-rule-id}: get: consumes: - application/json description: | Get NAT Rule from Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PATCH/PUT PoliycNatRule API, the path returned in the GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: GlobalInfraGetPolicyNatRule parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NAT Rule tags: - Policy - Networking - Network Services - NAT - Rules - Tier-1 Gateways x-vmw-nsx-module: PolicyNAT /global-infra/tier-1s/{tier-1-id}/nat/{nat-id}/nat-rules/{nat-rule-id}/statistics: get: consumes: - application/json description: | Get NAT Rule Statistics from Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. operationId: GlobalInfraGetPolicyNatRuleStatisticsFromTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string - description: Action on statistics enum: - aggregate in: query name: action required: false type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NAT Rule Statistics tags: - Policy - Networking - Network Services - NAT - Statistics x-vmw-nsx-module: PolicyNAT /global-infra/tier-1s/{tier-1-id}/segments: get: consumes: - application/json description: "Paginated list of all fixed segments (identified as /policy/api/v1/infra/tier-1s//segments/)\ \ under Tier-1 instance.\nThis API call does not return flexible segments\ \ (identified as /policy/api/v1/infra/segments/) connected to\ \ the Tier-1.\nTo return all segments connected as a downlink to a Tier-1\ \ one possibility is to use the search API with: https://{{nsx-mgr}}/policy/api/v1/search?query=resource_type:Segment%20AND%20connectivity_path:\u201C\ /infra/tier-1s/\nExtended Segment: Please note that old vpn path deprecated.\ \ If user specify old l2vpn path in the\n\"l2_extension\" object in the PUT/PATCH\ \ API payload, the path returned in the GET response payload may include the\ \ new path\ninstead of the deprecated l2vpn path. Both old and new l2vpn path\ \ refer to same resource. there is no functional impact.\nAlso note that l2vpn\ \ path included in the error messages returned from validation may include\ \ the new VPN path\ninstead of the deprecated l2vpn path. Both new path and\ \ old vpn path refer to same resource.\n" operationId: GlobalInfraListSegments parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Segment type enum: - DVPortgroup - ALL in: query name: segment_type type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Paginated list of all fixed segments (identified as /policy/api/v1/infra/tier-1s//segments/) under Tier-1 instance. tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/segments/state: get: consumes: - application/json description: | Returns all tier-1 segments with configuration state on the enforcement point specified in the request operationId: GlobalInfraGetTier1SegmentsByState parameters: - in: path name: tier-1-id required: true type: string - description: Configuration state of the segment on enforcement point enum: - pending - in_progress - success - failed - partial_success - orphaned - unknown in: query name: configuration_state required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentConfigurationStateListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segments by configuration state tags: - Policy - Networking - Connectivity - Segments - State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}: get: consumes: - application/json description: | Read segment Note: Extended Segment: Please note that old vpn path deprecated. If user specify old l2vpn path in the "l2_extension" object in the PUT/PATCH API payload, the path returned in the GET response payload may include the new path instead of the deprecated l2vpn path. Both old and new l2vpn path refer to same resource. there is no functional impact. Also note that l2vpn path included in the error messages returned from validation may include the new VPN path instead of the deprecated l2vpn path. Both new path and old vpn path refer to same resource. operationId: GlobalInfraReadSegment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Segment' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read segment tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/arp-proxy: get: consumes: - application/json description: | Returns ARP proxy table for downlink port on connected to the segment operationId: GlobalInfraGetDownlinkPortArpProxiesForTier1Segment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get downlink port Address Resolution Protocol Proxies for tier-1 segment tags: - Policy - Networking - Connectivity - Segments x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/arp-proxy?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for downlink port on connected to the segment in CSV operationId: GlobalInfraGetDownlinkPortArpProxiesForTier1SegmentInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get downlink port Address Resolution Protocol Proxies for tier-1 segment in CSV tags: - Policy - Networking - Connectivity - Segments x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/arp-table: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) for the interface (downlink) attaching segment to tier-1 gateway, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GlobalInfraGetSegmentInterfaceArpTable parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from segment interface (downlink) tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the interface (downlink) attaching segment to tier1 gateway, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GlobalInfraGetSegmentInterfaceArpTableCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from segment interface (downlink) in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/bep-statistics: get: consumes: - application/json description: | Get detailed information on Tier-1 segment bridge end point statistics using segment ID and profile path. operationId: GlobalInfraTier1SegmentBridgeEndpointStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Bridge profile path in: query name: bridge_profile_path required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BridgeEndpointStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment bridge end point statistics using segment ID and profile path. tags: - Policy - Networking - Connectivity - Segments - Bridge Endpoints - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/bep-status: get: consumes: - application/json description: | Get detailed information on Tier-1 segment bridge end point status using segment ID and profile path. operationId: GlobalInfraTier1SegmentBridgeEndpointStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Bridge profile path in: query name: bridge_profile_path required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BridgeEndpointStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment bridge end point status using segment ID and profile path. tags: - Policy - Networking - Connectivity - Segments - Bridge Endpoints - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/dhcp-static-binding-configs: get: consumes: - application/json description: | Paginated list of all DHCP static binding instances operationId: GlobalInfraListSegmentDhcpStaticBinding parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all DHCP static bindings tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings (Fixed) x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/dhcp-static-binding-configs/{binding-id}: get: consumes: - application/json description: |- Read DHCP static binding operationId: GlobalInfraReadSegmentDhcpStaticBinding parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP static binding tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings (Fixed) x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/dhcp-static-bindings/{binding-id}/state: get: consumes: - application/json description: |- Read DHCP static binding state operationId: GlobalInfraReadSegmentDhcpStaticBindingState parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP static binding state tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/gateway-interface-arp-table: get: consumes: - application/json description: | This API is deprecated because it is duplicate. Please use /infra/tier-1s/<tier-1-id>/segments/<segment-id>/arp-table Segment ID is the ID of the segment that is connected to the the tier-1 operationId: GlobalInfraGetDownlinkPortArpTableForTier1Segment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table for downlink router port on tier-1 router tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/gateway-interface-arp-table?format=csv: get: consumes: - application/json description: | This API is deprecated because it is duplicate. Please use /infra/tier-1s/<tier-1-id>/segments/<segment-id>/arp-table?format=csv Segment ID is the ID of the segment that is connected to the the tier-1 operationId: GlobalInfraGetDownlinkPortArpTableForTier1SegmentInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table for downlink router port on tier-1 router in CSV tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/gateway-interface-dad-state: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-1 operationId: GlobalInfraGetDownlinkPortDadStateForTier1Segment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceDADState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DAD state for downlink router port on tier-1 router tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - DAD State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/gateway-interface-statistics: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-1 operationId: GlobalInfraGetDownlinkPortStatisticsForTier1Segment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get statistics for downlink router port on tier-1 router tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/gateway-interface-statistics/summary: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-1 operationId: GlobalInfraGetDownlinkPortStatisticsSummaryForTier1Segment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get statistics for downlink router port on tier-1 router tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/inter-site-forwarder/site-span-info: get: consumes: - application/json description: | Get segment cross site forwarder placement and HA statuss. operationId: GlobalInfraGetSegmentCsSpanInfo parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentL2ForwarderSiteSpanInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment cross site forwarder placement and HA status tags: - Federation - Inter-Sites x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/inter-site-forwarder/status: get: consumes: - application/json description: | Get segment cross site traffic statistics. operationId: GlobalInfraGetSegmentCsTrafficStats parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentCrossSiteTrafficStats' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment cross site traffic statistics tags: - Federation - Inter-Sites x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/mac-table: get: consumes: - application/json description: | Returns MAC table for a segment operationId: GlobalInfraGetTier1SegmentMacTable parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMacAddressListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment MAC table tags: - Policy - Networking - Connectivity - Segments - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/mac-table?format=csv: get: consumes: - application/json description: | Returns MAC table for a segment operationId: GlobalInfraGetTier1SegmentMacTableInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/MacAddressCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment MAC table in CSV tags: - Policy - Networking - Connectivity - Segments - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports: get: consumes: - application/json description: | List all the ports for a Tier-1 segment. operationId: GlobalInfraListTier1SegmentPorts parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-1 segment ports tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}: delete: consumes: - application/json description: | Delete a Tier-1 segment port by giving ID. operationId: GlobalInfraDeleteTier1SegmentPort parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a Tier-1 segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Get detail information on a Tier-1 segment port by giving ID. operationId: GlobalInfraGetTier1SegmentPort parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPort' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment port by ID tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | Create a Tier-1 segment port if it does not exist based on the IDs, or update existing port information by replacing the port object fields which presents in the request body. operationId: GlobalInfraPatchTier1SegmentPort parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - in: body name: SegmentPort required: true schema: $ref: '#/definitions/SegmentPort' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a Tier-1 segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | Create a Tier-1 segment port if it does not exist based on the IDs, or update existing port information by replacing the port object already exists. operationId: GlobalInfraCreateOrReplaceTier1SegmentPort parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - in: body name: SegmentPort required: true schema: $ref: '#/definitions/SegmentPort' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPort' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-1 segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/mac-table: get: consumes: - application/json description: | Returns MAC table for a segment port operationId: GlobalInfraGetTier1SegmentPortMacTable parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortMacAddressListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get MAC table for tier-1 segment port tags: - Policy - Networking - Connectivity - Segments - Ports - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/mac-table?format=csv: get: consumes: - application/json description: | Returns MAC table for a segment port operationId: GlobalInfraGetTier1SegmentPortMacTableInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortMacAddressCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment port MAC table in CSV tags: - Policy - Networking - Connectivity - Segments - Ports - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-discovery-profile-binding-maps: get: consumes: - application/json description: | API will list all Port Discovery Profile Binding Maps in current port id. operationId: GlobalInfraListPortDiscoveryBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port Discovery Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding ? /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-discovery-profile-binding-maps/{port-discovery-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Port Discovery Profile Binding Profile operationId: GlobalInfraDeletePortDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port Discovery Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding get: consumes: - application/json description: | API will get Port Discovery Profile Binding Map operationId: GlobalInfraGetPortDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding patch: consumes: - application/json description: |- API will create Port Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraPatchPortDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string - in: body name: PortDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding put: consumes: - application/json description: |- API will update Port Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraUpdatePortDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string - in: body name: PortDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-monitoring-profile-binding-maps: get: consumes: - application/json description: | API will list all Port Monitoring Profile Binding Maps in current port id. operationId: GlobalInfraListPortMonitoringBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port Monitoring Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-monitoring-profile-binding-maps/{port-monitoring-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Port Monitoring Profile Binding Profile. operationId: GlobalInfraDeletePortMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port Monitoring Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding get: consumes: - application/json description: | API will get Port Monitoring Profile Binding Map. operationId: GlobalInfraGetPortMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding patch: consumes: - application/json description: |- API will create Port Monitoring Profile Binding Map. operationId: GlobalInfraPatchPortMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string - in: body name: PortMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding put: consumes: - application/json description: |- API will update Port Monitoring Profile Binding Map. operationId: GlobalInfraUpdatePortMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string - in: body name: PortMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-monitoring-profile-binding-maps/{port-monitoring-profile-binding-map-id}/mirror-stack-status : get: consumes: - application/json description: | API will get mirror stack status by Port Monitoring Profile Binding Map. operationId: GlobalInfraGetPortMonitoringBindingMirrorStackStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - in: path name: port-monitoring-profile-binding-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Binding map path enforcemnt point path to remote L3 mirror session in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MirrorStackStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get mirror stack status for Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-qos-profile-binding-maps: get: consumes: - application/json description: | API will list all Port QoS Profile Binding Maps in current port id. operationId: GlobalInfraListPortQoSBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port QoS Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding ? /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-qos-profile-binding-maps/{port-qos-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Port QoS Profile Binding Profile. operationId: GlobalInfraDeletePortQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port QoS Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding get: consumes: - application/json description: | API will get Port QoS Profile Binding Map. operationId: GlobalInfraGetPortQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding patch: consumes: - application/json description: |- API will create Port QoS Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraPatchPortQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string - in: body name: PortQoSProfileBindingMap required: true schema: $ref: '#/definitions/PortQoSProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding put: consumes: - application/json description: |- API will update Port QoS Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraUpdatePortQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string - in: body name: PortQoSProfileBindingMap required: true schema: $ref: '#/definitions/PortQoSProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-security-profile-binding-maps: get: consumes: - application/json description: | API will list all port security profile binding maps. operationId: GlobalInfraListPortSecurityProfileBindings parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List port security profile binding maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding ? /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-security-profile-binding-maps/{port-security-profile-binding-map-id} : delete: consumes: - application/json description: | API will delete the port security profile binding map. operationId: GlobalInfraDeletePortSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete the port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding get: consumes: - application/json description: | API will return details of the port security profile binding map. If the security profile binding map does not exist, it will return 404. operationId: GlobalInfraGetPortSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding patch: consumes: - application/json description: | Create a new port security profile binding map if the given security profile binding map does not exist. Otherwise, patch the existing port security profile binding map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraPatchPortSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string - in: body name: PortSecurityProfileBindingMap required: true schema: $ref: '#/definitions/PortSecurityProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding put: consumes: - application/json description: | API will create or replace the port security profile binding map. For objects with no binding maps, default profile is applied. operationId: GlobalInfraCreateOrUpdatePortSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string - in: body name: PortSecurityProfileBindingMap required: true schema: $ref: '#/definitions/PortSecurityProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace the port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/state: get: consumes: - application/json description: | Returns tier-1 segment port state on enforcement point operationId: GlobalInfraGetTier1SegmentPortState parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment port state tags: - Policy - Networking - Connectivity - Segments - Ports - State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-discovery-profile-binding-maps: get: consumes: - application/json description: | API will list all Segment Discovery Profile Binding Maps in current segment id. operationId: GlobalInfraListSegmentDiscoveryBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Segment Discovery Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding ? /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-discovery-profile-binding-maps/{segment-discovery-profile-binding-map-id} : get: consumes: - application/json description: | API will get Segment Discovery Profile Binding Map operationId: GlobalInfraGetSegmentDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment Discovery Profile Binding Map ID in: path name: segment-discovery-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Segment Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-monitoring-profile-binding-maps: get: consumes: - application/json description: | API will list all Segment Monitoring Profile Binding Maps in current segment id. operationId: GlobalInfraListSegmentMonitoringBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Segment Monitoring Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-monitoring-profile-binding-maps/{segment-monitoring-profile-binding-map-id} : get: consumes: - application/json description: | API will get Segment Monitoring Profile Binding Map. operationId: GlobalInfraGetSegmentMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment Monitoring Profile Binding Map ID in: path name: segment-monitoring-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-monitoring-profile-binding-maps/{segment-monitoring-profile-binding-map-id}/mirror-stack-status : get: consumes: - application/json description: | API will get mirror stack status by Segment Monitoring Profile Binding Map. operationId: GlobalInfraGetSegmentMonitoringBindingMirrorStackStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: segment-monitoring-profile-binding-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Binding map path enforcemnt point path to remote L3 mirror session in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MirrorStackStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get mirror stack status for Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-qos-profile-binding-maps: get: consumes: - application/json description: | API will list all Segment QoS Profile Binding Maps in current segment id. operationId: GlobalInfraListSegmentQoSBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentQoSProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Segment QoS Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding ? /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-qos-profile-binding-maps/{segment-qos-profile-binding-map-id} : get: consumes: - application/json description: | API will get Segment QoS Profile Binding Map. operationId: GlobalInfraGetSegmentQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment QoS Profile Binding Map ID in: path name: segment-qos-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Segment QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-security-profile-binding-maps: get: consumes: - application/json description: | API will list all segment security profile binding maps. operationId: GlobalInfraListSegmentSecurityProfileBindings parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List segment security profile binding maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding ? /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-security-profile-binding-maps/{segment-security-profile-binding-map-id} : get: consumes: - application/json description: | API will return details of the segment security profile binding map. If the binding map does not exist, it will return 404. operationId: GlobalInfraGetSegmentSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- segment security profile binding map id in: path name: segment-security-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/static-arp: get: consumes: - application/json description: |- Read static ARP config operationId: GlobalInfraReadStaticARPConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticARPConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read static ARP config tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/tep-table: get: consumes: - application/json description: | Returns TEP table for a segment operationId: GlobalInfraGetTier1SegmentTepTable parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTepListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment TEP table tags: - Policy - Networking - Connectivity - Segments - TEP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segment-id}/tep-table?format=csv: get: consumes: - application/json description: | Returns TEP table for a segment in CSV operationId: GlobalInfraGetTier1SegmentTepTableInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyTepCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment TEP table in CSV tags: - Policy - Networking - Connectivity - Segments - TEP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segments-id}/ports/{port-id}/statistics: get: consumes: - application/json description: | Get tier-1 segment port statistics information. operationId: GlobalInfraGetSegmentPortStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: segments-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment port statistics information tags: - Policy - Networking - Connectivity - Segments - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segments-id}/ports/{port-id}/status: get: consumes: - application/json description: | Get tier1 segment port status information. operationId: GlobalInfraGetSegmentPortStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: segments-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment port status information tags: - Policy - Networking - Connectivity - Segments - Status x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segments-id}/state: get: consumes: - application/json description: | Get tier1 segment state information. operationId: GlobalInfraGetSegmentState parameters: - in: path name: tier-1-id required: true type: string - in: path name: segments-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentConfigurationState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment state information tags: - Policy - Networking - Connectivity - Segments - State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/segments/{segments-id}/statistics: get: consumes: - application/json description: | Get tier1 segment statistics information. operationId: GlobalInfraGetSegmentStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: segments-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment statistics information tags: - Policy - Networking - Connectivity - Segments - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/state: get: consumes: - application/json description: | Returns operationId: GlobalInfraGetTier1State parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Interface path for interface specific state such as IPv6 DAD state in: query name: interface_path type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Returns specific information based on the value specified. enum: - GATEWAY_STATE - GATEWAY_STATUS - IPV6_STATUS in: query name: type type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1GatewayState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier1 state tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - State x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/static-routes: get: consumes: - application/json description: | Paginated list of all Tier-1 Static Routes operationId: GlobalInfraListTier1StaticRoutes parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-1 Static Routes tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/static-routes/{route-id}: get: consumes: - application/json description: |- Read Tier-1 static routes operationId: GlobalInfraReadTier1StaticRoutes parameters: - in: path name: tier-1-id required: true type: string - in: path name: route-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutes' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-1 static routes tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity /global-infra/tier-1s/{tier-1-id}/tier-0-interface/arp-table: get: consumes: - application/json description: | Get tier-1 interface arp information. operationId: GlobalInfraGetTier1RouterLinkArpTable parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 router link arp information tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/tier-0-interface/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the tier-1 router link interface. operationId: GlobalInfraGetTier1RouterLinkArpTableCsv parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-1 router link interface in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/tier-0-interface/statistics: get: consumes: - application/json description: | Get tier-0 interface statistics information. operationId: GlobalInfraGetTier1RouterLinkStatistics parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 router link statistics information tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier-1-id}/tier-0-interface/statistics/summary: get: consumes: - application/json description: | Get tier-1 interface statistics summary information. operationId: GlobalInfraGetTier1RouterLinkSummaryStatistics parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 router link statistics summary information tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /global-infra/tier-1s/{tier1-id}/flood-protection-profile-bindings/{flood-protection-profile-binding-id}: get: consumes: - application/json description: | API will get Flood Protection Profile Binding Map for Tier-1 Logical Router. operationId: GlobalInfraGetTier1FloodProtectionProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Flood Protection Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding ? /global-infra/tier-1s/{tier1-id}/locale-services/{locale-services-id}/flood-protection-profile-bindings/{flood-protection-profile-binding-id} : get: consumes: - application/json description: | API will get Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices. operationId: GlobalInfraGetTier1LocaleServicesFloodProtectionProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding ? /global-infra/tier-1s/{tier1-id}/locale-services/{locale-services-id}/session-timer-profile-bindings/{session-timer-profile-binding-id} : get: consumes: - application/json description: | API will get Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices. operationId: GlobalInfraGetTier1LocaleServicesSessionTimerProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding /global-infra/tier-1s/{tier1-id}/session-timer-profile-bindings/{session-timer-profile-binding-id}: get: consumes: - application/json description: | API will get Session Timer Profile Binding Map for Tier-1 Logical Router. operationId: GlobalInfraGetTier1SessionTimerProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Session Timer Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding /global-infra/tier-1s/{tier1-id}/tls-inspection-config-profile-bindings/{tls-inspection-config-profile-binding-id}: get: consumes: - application/json description: | API will get TLS Config Profile Binding Map for Tier-1 Logical Router. operationId: GlobalInfraGetTier1TlsConfigProfileBindingMap parameters: - in: path name: tier1-id required: true type: string - in: path name: tls-inspection-config-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsConfigProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get TLS Config Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyGatewayProfileBinding /global-infra/transport-zone-profiles: get: consumes: - application/json description: | API will list all Policy Transport Zone Profiles. operationId: GlobalInfraGetPolicyTransportZoneProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZoneProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Policy Transport Zone Profiles tags: - Policy - Networking - Networking Profiles - Transport Zone Profiles x-vmw-nsx-module: PolicyTransportZoneProfile /global-infra/transport-zone-profiles/{tz-profile-id}: get: consumes: - application/json description: | API will fetch Policy Transport Zone Profile. operationId: GlobalInfraGetPolicyTransportZoneProfile parameters: - in: path name: tz-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZoneProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Policy Transport Zone Profile tags: - Policy - Networking - Networking Profiles - Transport Zone Profiles x-vmw-nsx-module: PolicyTransportZoneProfile /global-infra/virtual-machine-group-associations: get: consumes: - application/json description: | Get policy groups for which the given VM is a member. operationId: GlobalInfraGetGroupsForVM parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Virtual machine external ID in: query name: vm_external_id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get groups for which the given VM is a member tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/virtual-network-interface-group-associations: get: consumes: - application/json description: | Get policy groups for which the given VIF is a member. operationId: GlobalInfraGetGroupsForVIF parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Virtual network interface external ID in: query name: vif_external_id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get groups for which the given VIF is a member tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /global-infra/vm-tag-replication-policies: get: consumes: - application/json description: | List all VM tag replication policies. operationId: GlobalInfraListVMTagReplicationPolicies parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VMTagReplicationPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all VM tag replication policies tags: - Policy - Inventory - Vm x-vmw-nsx-module: VMTagReplicationPolicy /global-infra/vm-tag-replication-policies/{id}: get: consumes: - application/json description: | Get the VM tag replication policy specified by id. operationId: GlobalInfraGetVMTagReplicationPolicy parameters: - description: |- ID of VM tag replication policy in: path name: id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VMTagReplicationPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the VM tag replication policy specified by id tags: - Policy - Inventory - Vm x-vmw-nsx-module: VMTagReplicationPolicy /infra: get: consumes: - application/json description: | Read infra. Returns only the infra related properties. Inner object are not populated. operationId: ReadInfra parameters: - description: Base Path for retrieving hierarchical intent in: query name: base_path required: false type: string - description: Filter string as java regex in: query name: filter required: false type: string - description: Filter string to retrieve hierarchy. in: query name: type_filter required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Infra' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read infra tags: - Policy - Infra - Hierarchical API x-vmw-nsx-module: Policy patch: consumes: - application/json description: | Patch API at infra level can be used in two flavours 1. Like a regular API to update Infra object 2. Hierarchical API: To create/update/delete entire or part of intent hierarchy Hierarchical API: Provides users a way to create entire or part of intent in single API invocation. Input is expressed in a tree format. Each node in tree can have multiple children of different types. System will resolve the dependecies of nodes within the intent tree and will create the model. Children for any node can be specified using ChildResourceReference or ChildPolicyConfigResource. If a resource is specified using ChildResourceReference then it will not be updated only its children will be updated. If Object is specified using ChildPolicyConfigResource, object along with its children will be updated. Hierarchical API can also be used to delete any sub-branch of entire tree. operationId: PatchInfra parameters: - in: body name: Infra required: true schema: $ref: '#/definitions/Infra' - default: false description: Force revision check in: query name: enforce_revision_check required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the infra including all the nested entities tags: - Policy - Infra - Hierarchical API x-vmw-nsx-module: Policy put: consumes: - application/json description: | Updates only the single infra object. This does not allow hierarchical updates of entities. operationId: UpdateInfra parameters: - in: body name: Infra required: true schema: $ref: '#/definitions/Infra' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Infra' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the infra object tags: - Policy - Infra - Hierarchical API x-vmw-nsx-module: Policy /infra/alb-analytics-profiles: get: consumes: - application/json description: | Paginated list of all ALBAnalyticsProfile for infra. operationId: ListALBAnalyticsProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBAnalyticsProfileApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBAnalyticsProfile for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Analytics Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-analytics-profiles/{alb-analyticsprofile-id}: delete: consumes: - application/json description: | Delete the ALBAnalyticsProfile along with all the entities contained by this ALBAnalyticsProfile. operationId: DeleteALBAnalyticsProfile parameters: - description: |- ALBAnalyticsProfile ID in: path name: alb-analyticsprofile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBAnalyticsProfile and all the entities contained by this ALBAnalyticsProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Analytics Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBAnalyticsProfile. operationId: ReadALBAnalyticsProfile parameters: - description: |- ALBAnalyticsProfile ID in: path name: alb-analyticsprofile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBAnalyticsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBAnalyticsProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Analytics Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBanalyticsprofile with the alb-analyticsprofile-id is not already present, create a new ALBanalyticsprofile. If it already exists, update the ALBanalyticsprofile. This is a full replace. operationId: PatchALBAnalyticsProfile parameters: - description: |- ALBanalyticsprofile ID in: path name: alb-analyticsprofile-id required: true type: string - in: body name: ALBAnalyticsProfile required: true schema: $ref: '#/definitions/ALBAnalyticsProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBanalyticsprofile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Analytics Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBAnalyticsProfile with the alb-AnalyticsProfile-id is not already present, create a new ALBAnalyticsProfile. If it already exists, update the ALBAnalyticsProfile. This is a full replace. operationId: UpdateALBAnalyticsProfile parameters: - description: |- ALBAnalyticsProfile ID in: path name: alb-analyticsprofile-id required: true type: string - in: body name: ALBAnalyticsProfile required: true schema: $ref: '#/definitions/ALBAnalyticsProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBAnalyticsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBAnalyticsProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Analytics Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-application-persistence-profiles: get: consumes: - application/json description: | Paginated list of all ALBApplicationPersistenceProfile for infra. operationId: ListALBApplicationPersistenceProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBApplicationPersistenceProfileApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBApplicationPersistenceProfile for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Application Persistence Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-application-persistence-profiles/{alb-applicationpersistenceprofile-id}: delete: consumes: - application/json description: | Delete the ALBApplicationPersistenceProfile along with all the entities contained by this ALBApplicationPersistenceProfile. operationId: DeleteALBApplicationPersistenceProfile parameters: - description: |- ALBApplicationPersistenceProfile ID in: path name: alb-applicationpersistenceprofile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBApplicationPersistenceProfile and all the entities contained by this ALBApplicationPersistenceProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Application Persistence Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBApplicationPersistenceProfile. operationId: ReadALBApplicationPersistenceProfile parameters: - description: |- ALBApplicationPersistenceProfile ID in: path name: alb-applicationpersistenceprofile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBApplicationPersistenceProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBApplicationPersistenceProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Application Persistence Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBapplicationpersistenceprofile with the alb-applicationpersistenceprofile-id is not already present, create a new ALBapplicationpersistenceprofile. If it already exists, update the ALBapplicationpersistenceprofile. This is a full replace. operationId: PatchALBApplicationPersistenceProfile parameters: - description: |- ALBapplicationpersistenceprofile ID in: path name: alb-applicationpersistenceprofile-id required: true type: string - in: body name: ALBApplicationPersistenceProfile required: true schema: $ref: '#/definitions/ALBApplicationPersistenceProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBapplicationpersistenceprofile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Application Persistence Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBApplicationPersistenceProfile with the alb-ApplicationPersistenceProfile-id is not already present, create a new ALBApplicationPersistenceProfile. If it already exists, update the ALBApplicationPersistenceProfile. This is a full replace. operationId: UpdateALBApplicationPersistenceProfile parameters: - description: |- ALBApplicationPersistenceProfile ID in: path name: alb-applicationpersistenceprofile-id required: true type: string - in: body name: ALBApplicationPersistenceProfile required: true schema: $ref: '#/definitions/ALBApplicationPersistenceProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBApplicationPersistenceProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBApplicationPersistenceProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Application Persistence Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-application-profiles: get: consumes: - application/json description: | Paginated list of all ALBApplicationProfile for infra. operationId: ListALBApplicationProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBApplicationProfileApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBApplicationProfile for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Application Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-application-profiles/{alb-applicationprofile-id}: delete: consumes: - application/json description: | Delete the ALBApplicationProfile along with all the entities contained by this ALBApplicationProfile. operationId: DeleteALBApplicationProfile parameters: - description: |- ALBApplicationProfile ID in: path name: alb-applicationprofile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBApplicationProfile and all the entities contained by this ALBApplicationProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Application Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBApplicationProfile. operationId: ReadALBApplicationProfile parameters: - description: |- ALBApplicationProfile ID in: path name: alb-applicationprofile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBApplicationProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBApplicationProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Application Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBapplicationprofile with the alb-applicationprofile-id is not already present, create a new ALBapplicationprofile. If it already exists, update the ALBapplicationprofile. This is a full replace. operationId: PatchALBApplicationProfile parameters: - description: |- ALBapplicationprofile ID in: path name: alb-applicationprofile-id required: true type: string - in: body name: ALBApplicationProfile required: true schema: $ref: '#/definitions/ALBApplicationProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBapplicationprofile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Application Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBApplicationProfile with the alb-ApplicationProfile-id is not already present, create a new ALBApplicationProfile. If it already exists, update the ALBApplicationProfile. This is a full replace. operationId: UpdateALBApplicationProfile parameters: - description: |- ALBApplicationProfile ID in: path name: alb-applicationprofile-id required: true type: string - in: body name: ALBApplicationProfile required: true schema: $ref: '#/definitions/ALBApplicationProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBApplicationProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBApplicationProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Application Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-auth-profiles: get: consumes: - application/json description: | Paginated list of all ALBAuthProfile for infra. operationId: ListALBAuthProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBAuthProfileApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBAuthProfile for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auth Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-auth-profiles/{alb-authprofile-id}: delete: consumes: - application/json description: | Delete the ALBAuthProfile along with all the entities contained by this ALBAuthProfile. operationId: DeleteALBAuthProfile parameters: - description: |- ALBAuthProfile ID in: path name: alb-authprofile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBAuthProfile and all the entities contained by this ALBAuthProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auth Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBAuthProfile. operationId: ReadALBAuthProfile parameters: - description: |- ALBAuthProfile ID in: path name: alb-authprofile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBAuthProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBAuthProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auth Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBauthprofile with the alb-authprofile-id is not already present, create a new ALBauthprofile. If it already exists, update the ALBauthprofile. This is a full replace. operationId: PatchALBAuthProfile parameters: - description: |- ALBauthprofile ID in: path name: alb-authprofile-id required: true type: string - in: body name: ALBAuthProfile required: true schema: $ref: '#/definitions/ALBAuthProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBauthprofile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auth Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBAuthProfile with the alb-AuthProfile-id is not already present, create a new ALBAuthProfile. If it already exists, update the ALBAuthProfile. This is a full replace. operationId: UpdateALBAuthProfile parameters: - description: |- ALBAuthProfile ID in: path name: alb-authprofile-id required: true type: string - in: body name: ALBAuthProfile required: true schema: $ref: '#/definitions/ALBAuthProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBAuthProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBAuthProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auth Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-auth-token: put: consumes: - application/json description: | Passthorugh API calls to Avi controller using the Auth of policy API request send to this API will be passthrough to Avi controller and Avi controller response will be embedded for this API. operationId: GetALBAuthToken parameters: - in: body name: ALBAuthToken required: true schema: $ref: '#/definitions/ALBAuthToken' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBAuthToken' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Alb Auth Token API calls to Avi Controller. tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auth Token x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-auto-scale-launch-configs: get: consumes: - application/json description: | Paginated list of all ALBAutoScaleLaunchConfig for infra. operationId: ListALBAutoScaleLaunchConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBAutoScaleLaunchConfigApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBAutoScaleLaunchConfig for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auto Scale Launch Configs x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-auto-scale-launch-configs/{alb-autoscalelaunchconfig-id}: delete: consumes: - application/json description: | Delete the ALBAutoScaleLaunchConfig along with all the entities contained by this ALBAutoScaleLaunchConfig. operationId: DeleteALBAutoScaleLaunchConfig parameters: - description: |- ALBAutoScaleLaunchConfig ID in: path name: alb-autoscalelaunchconfig-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBAutoScaleLaunchConfig and all the entities contained by this ALBAutoScaleLaunchConfig tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auto Scale Launch Configs x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBAutoScaleLaunchConfig. operationId: ReadALBAutoScaleLaunchConfig parameters: - description: |- ALBAutoScaleLaunchConfig ID in: path name: alb-autoscalelaunchconfig-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBAutoScaleLaunchConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBAutoScaleLaunchConfig tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auto Scale Launch Configs x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBautoscalelaunchconfig with the alb-autoscalelaunchconfig-id is not already present, create a new ALBautoscalelaunchconfig. If it already exists, update the ALBautoscalelaunchconfig. This is a full replace. operationId: PatchALBAutoScaleLaunchConfig parameters: - description: |- ALBautoscalelaunchconfig ID in: path name: alb-autoscalelaunchconfig-id required: true type: string - in: body name: ALBAutoScaleLaunchConfig required: true schema: $ref: '#/definitions/ALBAutoScaleLaunchConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBautoscalelaunchconfig tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auto Scale Launch Configs x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBAutoScaleLaunchConfig with the alb-AutoScaleLaunchConfig-id is not already present, create a new ALBAutoScaleLaunchConfig. If it already exists, update the ALBAutoScaleLaunchConfig. This is a full replace. operationId: UpdateALBAutoScaleLaunchConfig parameters: - description: |- ALBAutoScaleLaunchConfig ID in: path name: alb-autoscalelaunchconfig-id required: true type: string - in: body name: ALBAutoScaleLaunchConfig required: true schema: $ref: '#/definitions/ALBAutoScaleLaunchConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBAutoScaleLaunchConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBAutoScaleLaunchConfig tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Auto Scale Launch Configs x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-controller-version: get: consumes: - application/json description: | Read an ALBControllerSupportVersion. operationId: ReadALBControllerSupportedVersion produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBControllerVersion' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read an ALBControllerSupportedVersion tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Controller Version x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-dns-policies: get: consumes: - application/json description: | Paginated list of all ALBDnsPolicy for infra. operationId: ListALBDnsPolicy parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBDnsPolicyApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBDnsPolicy for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb DNS Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-dns-policies/{alb-dnspolicy-id}: delete: consumes: - application/json description: | Delete the ALBDnsPolicy along with all the entities contained by this ALBDnsPolicy. operationId: DeleteALBDnsPolicy parameters: - description: |- ALBDnsPolicy ID in: path name: alb-dnspolicy-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBDnsPolicy and all the entities contained by this ALBDnsPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb DNS Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBDnsPolicy. operationId: ReadALBDnsPolicy parameters: - description: |- ALBDnsPolicy ID in: path name: alb-dnspolicy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBDnsPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBDnsPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb DNS Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBdnspolicy with the alb-dnspolicy-id is not already present, create a new ALBdnspolicy. If it already exists, update the ALBdnspolicy. This is a full replace. operationId: PatchALBDnsPolicy parameters: - description: |- ALBdnspolicy ID in: path name: alb-dnspolicy-id required: true type: string - in: body name: ALBDnsPolicy required: true schema: $ref: '#/definitions/ALBDnsPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBdnspolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb DNS Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBDnsPolicy with the alb-DnsPolicy-id is not already present, create a new ALBDnsPolicy. If it already exists, update the ALBDnsPolicy. This is a full replace. operationId: UpdateALBDnsPolicy parameters: - description: |- ALBDnsPolicy ID in: path name: alb-dnspolicy-id required: true type: string - in: body name: ALBDnsPolicy required: true schema: $ref: '#/definitions/ALBDnsPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBDnsPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBDnsPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb DNS Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-error-page-bodies: get: consumes: - application/json description: | Paginated list of all ALBErrorPageBody for infra. operationId: ListALBErrorPageBody parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBErrorPageBodyApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBErrorPageBody for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Error Page Bodies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-error-page-bodies/{alb-errorpagebody-id}: delete: consumes: - application/json description: | Delete the ALBErrorPageBody along with all the entities contained by this ALBErrorPageBody. operationId: DeleteALBErrorPageBody parameters: - description: |- ALBErrorPageBody ID in: path name: alb-errorpagebody-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBErrorPageBody and all the entities contained by this ALBErrorPageBody tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Error Page Bodies x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBErrorPageBody. operationId: ReadALBErrorPageBody parameters: - description: |- ALBErrorPageBody ID in: path name: alb-errorpagebody-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBErrorPageBody' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBErrorPageBody tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Error Page Bodies x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBerrorpagebody with the alb-errorpagebody-id is not already present, create a new ALBerrorpagebody. If it already exists, update the ALBerrorpagebody. This is a full replace. operationId: PatchALBErrorPageBody parameters: - description: |- ALBerrorpagebody ID in: path name: alb-errorpagebody-id required: true type: string - in: body name: ALBErrorPageBody required: true schema: $ref: '#/definitions/ALBErrorPageBody' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBerrorpagebody tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Error Page Bodies x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBErrorPageBody with the alb-ErrorPageBody-id is not already present, create a new ALBErrorPageBody. If it already exists, update the ALBErrorPageBody. This is a full replace. operationId: UpdateALBErrorPageBody parameters: - description: |- ALBErrorPageBody ID in: path name: alb-errorpagebody-id required: true type: string - in: body name: ALBErrorPageBody required: true schema: $ref: '#/definitions/ALBErrorPageBody' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBErrorPageBody' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBErrorPageBody tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Error Page Bodies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-error-page-profiles: get: consumes: - application/json description: | Paginated list of all ALBErrorPageProfile for infra. operationId: ListALBErrorPageProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBErrorPageProfileApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBErrorPageProfile for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Error Page Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-error-page-profiles/{alb-errorpageprofile-id}: delete: consumes: - application/json description: | Delete the ALBErrorPageProfile along with all the entities contained by this ALBErrorPageProfile. operationId: DeleteALBErrorPageProfile parameters: - description: |- ALBErrorPageProfile ID in: path name: alb-errorpageprofile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBErrorPageProfile and all the entities contained by this ALBErrorPageProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Error Page Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBErrorPageProfile. operationId: ReadALBErrorPageProfile parameters: - description: |- ALBErrorPageProfile ID in: path name: alb-errorpageprofile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBErrorPageProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBErrorPageProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Error Page Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBerrorpageprofile with the alb-errorpageprofile-id is not already present, create a new ALBerrorpageprofile. If it already exists, update the ALBerrorpageprofile. This is a full replace. operationId: PatchALBErrorPageProfile parameters: - description: |- ALBerrorpageprofile ID in: path name: alb-errorpageprofile-id required: true type: string - in: body name: ALBErrorPageProfile required: true schema: $ref: '#/definitions/ALBErrorPageProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBerrorpageprofile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Error Page Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBErrorPageProfile with the alb-ErrorPageProfile-id is not already present, create a new ALBErrorPageProfile. If it already exists, update the ALBErrorPageProfile. This is a full replace. operationId: UpdateALBErrorPageProfile parameters: - description: |- ALBErrorPageProfile ID in: path name: alb-errorpageprofile-id required: true type: string - in: body name: ALBErrorPageProfile required: true schema: $ref: '#/definitions/ALBErrorPageProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBErrorPageProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBErrorPageProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Error Page Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-hardware-security-module-groups: get: consumes: - application/json description: | Paginated list of all ALBHardwareSecurityModuleGroup for infra. operationId: ListALBHardwareSecurityModuleGroup parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBHardwareSecurityModuleGroupApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBHardwareSecurityModuleGroup for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Hardware Security Module Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-hardware-security-module-groups/{alb-hardwaresecuritymodulegroup-id}: delete: consumes: - application/json description: | Delete the ALBHardwareSecurityModuleGroup along with all the entities contained by this ALBHardwareSecurityModuleGroup. operationId: DeleteALBHardwareSecurityModuleGroup parameters: - description: |- ALBHardwareSecurityModuleGroup ID in: path name: alb-hardwaresecuritymodulegroup-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBHardwareSecurityModuleGroup and all the entities contained by this ALBHardwareSecurityModuleGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Hardware Security Module Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBHardwareSecurityModuleGroup. operationId: ReadALBHardwareSecurityModuleGroup parameters: - description: |- ALBHardwareSecurityModuleGroup ID in: path name: alb-hardwaresecuritymodulegroup-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBHardwareSecurityModuleGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBHardwareSecurityModuleGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Hardware Security Module Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBhardwaresecuritymodulegroup with the alb-hardwaresecuritymodulegroup-id is not already present, create a new ALBhardwaresecuritymodulegroup. If it already exists, update the ALBhardwaresecuritymodulegroup. This is a full replace. operationId: PatchALBHardwareSecurityModuleGroup parameters: - description: |- ALBhardwaresecuritymodulegroup ID in: path name: alb-hardwaresecuritymodulegroup-id required: true type: string - in: body name: ALBHardwareSecurityModuleGroup required: true schema: $ref: '#/definitions/ALBHardwareSecurityModuleGroup' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBhardwaresecuritymodulegroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Hardware Security Module Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBHardwareSecurityModuleGroup with the alb-HardwareSecurityModuleGroup-id is not already present, create a new ALBHardwareSecurityModuleGroup. If it already exists, update the ALBHardwareSecurityModuleGroup. This is a full replace. operationId: UpdateALBHardwareSecurityModuleGroup parameters: - description: |- ALBHardwareSecurityModuleGroup ID in: path name: alb-hardwaresecuritymodulegroup-id required: true type: string - in: body name: ALBHardwareSecurityModuleGroup required: true schema: $ref: '#/definitions/ALBHardwareSecurityModuleGroup' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBHardwareSecurityModuleGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBHardwareSecurityModuleGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Hardware Security Module Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-health-monitors: get: consumes: - application/json description: | Paginated list of all ALBHealthMonitor for infra. operationId: ListALBHealthMonitor parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBHealthMonitorApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBHealthMonitor for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Health Monitors x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-health-monitors/{alb-healthmonitor-id}: delete: consumes: - application/json description: | Delete the ALBHealthMonitor along with all the entities contained by this ALBHealthMonitor. operationId: DeleteALBHealthMonitor parameters: - description: |- ALBHealthMonitor ID in: path name: alb-healthmonitor-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBHealthMonitor and all the entities contained by this ALBHealthMonitor tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Health Monitors x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBHealthMonitor. operationId: ReadALBHealthMonitor parameters: - description: |- ALBHealthMonitor ID in: path name: alb-healthmonitor-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBHealthMonitor' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBHealthMonitor tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Health Monitors x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBhealthmonitor with the alb-healthmonitor-id is not already present, create a new ALBhealthmonitor. If it already exists, update the ALBhealthmonitor. This is a full replace. operationId: PatchALBHealthMonitor parameters: - description: |- ALBhealthmonitor ID in: path name: alb-healthmonitor-id required: true type: string - in: body name: ALBHealthMonitor required: true schema: $ref: '#/definitions/ALBHealthMonitor' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBhealthmonitor tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Health Monitors x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBHealthMonitor with the alb-HealthMonitor-id is not already present, create a new ALBHealthMonitor. If it already exists, update the ALBHealthMonitor. This is a full replace. operationId: UpdateALBHealthMonitor parameters: - description: |- ALBHealthMonitor ID in: path name: alb-healthmonitor-id required: true type: string - in: body name: ALBHealthMonitor required: true schema: $ref: '#/definitions/ALBHealthMonitor' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBHealthMonitor' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBHealthMonitor tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Health Monitors x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-http-policy-sets: get: consumes: - application/json description: | Paginated list of all ALBHTTPPolicySet for infra. operationId: ListALBHTTPPolicySet parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBHTTPPolicySetApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBHTTPPolicySet for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb HTTP Policy Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-http-policy-sets/{alb-httppolicyset-id}: delete: consumes: - application/json description: | Delete the ALBHTTPPolicySet along with all the entities contained by this ALBHTTPPolicySet. operationId: DeleteALBHTTPPolicySet parameters: - description: |- ALBHTTPPolicySet ID in: path name: alb-httppolicyset-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBHTTPPolicySet and all the entities contained by this ALBHTTPPolicySet tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb HTTP Policy Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBHTTPPolicySet. operationId: ReadALBHTTPPolicySet parameters: - description: |- ALBHTTPPolicySet ID in: path name: alb-httppolicyset-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBHTTPPolicySet' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBHTTPPolicySet tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb HTTP Policy Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBhttppolicyset with the alb-httppolicyset-id is not already present, create a new ALBhttppolicyset. If it already exists, update the ALBhttppolicyset. This is a full replace. operationId: PatchALBHTTPPolicySet parameters: - description: |- ALBhttppolicyset ID in: path name: alb-httppolicyset-id required: true type: string - in: body name: ALBHTTPPolicySet required: true schema: $ref: '#/definitions/ALBHTTPPolicySet' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBhttppolicyset tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb HTTP Policy Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBHTTPPolicySet with the alb-HTTPPolicySet-id is not already present, create a new ALBHTTPPolicySet. If it already exists, update the ALBHTTPPolicySet. This is a full replace. operationId: UpdateALBHTTPPolicySet parameters: - description: |- ALBHTTPPolicySet ID in: path name: alb-httppolicyset-id required: true type: string - in: body name: ALBHTTPPolicySet required: true schema: $ref: '#/definitions/ALBHTTPPolicySet' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBHTTPPolicySet' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBHTTPPolicySet tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb HTTP Policy Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-ip-addr-groups: get: consumes: - application/json description: | Paginated list of all ALBIpAddrGroup for infra. operationId: ListALBIpAddrGroup parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBIpAddrGroupApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBIpAddrGroup for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb IP Addr Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-ip-addr-groups/{alb-ipaddrgroup-id}: delete: consumes: - application/json description: | Delete the ALBIpAddrGroup along with all the entities contained by this ALBIpAddrGroup. operationId: DeleteALBIpAddrGroup parameters: - description: |- ALBIpAddrGroup ID in: path name: alb-ipaddrgroup-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBIpAddrGroup and all the entities contained by this ALBIpAddrGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb IP Addr Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBIpAddrGroup. operationId: ReadALBIpAddrGroup parameters: - description: |- ALBIpAddrGroup ID in: path name: alb-ipaddrgroup-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBIpAddrGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBIpAddrGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb IP Addr Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBipaddrgroup with the alb-ipaddrgroup-id is not already present, create a new ALBipaddrgroup. If it already exists, update the ALBipaddrgroup. This is a full replace. operationId: PatchALBIpAddrGroup parameters: - description: |- ALBipaddrgroup ID in: path name: alb-ipaddrgroup-id required: true type: string - in: body name: ALBIpAddrGroup required: true schema: $ref: '#/definitions/ALBIpAddrGroup' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBipaddrgroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb IP Addr Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBIpAddrGroup with the alb-IpAddrGroup-id is not already present, create a new ALBIpAddrGroup. If it already exists, update the ALBIpAddrGroup. This is a full replace. operationId: UpdateALBIpAddrGroup parameters: - description: |- ALBIpAddrGroup ID in: path name: alb-ipaddrgroup-id required: true type: string - in: body name: ALBIpAddrGroup required: true schema: $ref: '#/definitions/ALBIpAddrGroup' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBIpAddrGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBIpAddrGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb IP Addr Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-l4-policy-sets: get: consumes: - application/json description: | Paginated list of all ALBL4PolicySet for infra. operationId: ListALBL4PolicySet parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBL4PolicySetApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBL4PolicySet for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb L4 Policy Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-l4-policy-sets/{alb-l4policyset-id}: delete: consumes: - application/json description: | Delete the ALBL4PolicySet along with all the entities contained by this ALBL4PolicySet. operationId: DeleteALBL4PolicySet parameters: - description: |- ALBL4PolicySet ID in: path name: alb-l4policyset-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBL4PolicySet and all the entities contained by this ALBL4PolicySet tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb L4 Policy Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBL4PolicySet. operationId: ReadALBL4PolicySet parameters: - description: |- ALBL4PolicySet ID in: path name: alb-l4policyset-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBL4PolicySet' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBL4PolicySet tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb L4 Policy Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBl4policyset with the alb-l4policyset-id is not already present, create a new ALBl4policyset. If it already exists, update the ALBl4policyset. This is a full replace. operationId: PatchALBL4PolicySet parameters: - description: |- ALBl4policyset ID in: path name: alb-l4policyset-id required: true type: string - in: body name: ALBL4PolicySet required: true schema: $ref: '#/definitions/ALBL4PolicySet' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBl4policyset tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb L4 Policy Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBL4PolicySet with the alb-L4PolicySet-id is not already present, create a new ALBL4PolicySet. If it already exists, update the ALBL4PolicySet. This is a full replace. operationId: UpdateALBL4PolicySet parameters: - description: |- ALBL4PolicySet ID in: path name: alb-l4policyset-id required: true type: string - in: body name: ALBL4PolicySet required: true schema: $ref: '#/definitions/ALBL4PolicySet' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBL4PolicySet' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBL4PolicySet tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb L4 Policy Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-network-profiles: get: consumes: - application/json description: | Paginated list of all ALBNetworkProfile for infra. operationId: ListALBNetworkProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBNetworkProfileApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBNetworkProfile for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Network Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-network-profiles/{alb-networkprofile-id}: delete: consumes: - application/json description: | Delete the ALBNetworkProfile along with all the entities contained by this ALBNetworkProfile. operationId: DeleteALBNetworkProfile parameters: - description: |- ALBNetworkProfile ID in: path name: alb-networkprofile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBNetworkProfile and all the entities contained by this ALBNetworkProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Network Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBNetworkProfile. operationId: ReadALBNetworkProfile parameters: - description: |- ALBNetworkProfile ID in: path name: alb-networkprofile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBNetworkProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBNetworkProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Network Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBnetworkprofile with the alb-networkprofile-id is not already present, create a new ALBnetworkprofile. If it already exists, update the ALBnetworkprofile. This is a full replace. operationId: PatchALBNetworkProfile parameters: - description: |- ALBnetworkprofile ID in: path name: alb-networkprofile-id required: true type: string - in: body name: ALBNetworkProfile required: true schema: $ref: '#/definitions/ALBNetworkProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBnetworkprofile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Network Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBNetworkProfile with the alb-NetworkProfile-id is not already present, create a new ALBNetworkProfile. If it already exists, update the ALBNetworkProfile. This is a full replace. operationId: UpdateALBNetworkProfile parameters: - description: |- ALBNetworkProfile ID in: path name: alb-networkprofile-id required: true type: string - in: body name: ALBNetworkProfile required: true schema: $ref: '#/definitions/ALBNetworkProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBNetworkProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBNetworkProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Network Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-network-security-policies: get: consumes: - application/json description: | Paginated list of all ALBNetworkSecurityPolicy for infra. operationId: ListALBNetworkSecurityPolicy parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBNetworkSecurityPolicyApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBNetworkSecurityPolicy for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Network Security Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-network-security-policies/{alb-networksecuritypolicy-id}: delete: consumes: - application/json description: | Delete the ALBNetworkSecurityPolicy along with all the entities contained by this ALBNetworkSecurityPolicy. operationId: DeleteALBNetworkSecurityPolicy parameters: - description: |- ALBNetworkSecurityPolicy ID in: path name: alb-networksecuritypolicy-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBNetworkSecurityPolicy and all the entities contained by this ALBNetworkSecurityPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Network Security Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBNetworkSecurityPolicy. operationId: ReadALBNetworkSecurityPolicy parameters: - description: |- ALBNetworkSecurityPolicy ID in: path name: alb-networksecuritypolicy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBNetworkSecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBNetworkSecurityPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Network Security Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBnetworksecuritypolicy with the alb-networksecuritypolicy-id is not already present, create a new ALBnetworksecuritypolicy. If it already exists, update the ALBnetworksecuritypolicy. This is a full replace. operationId: PatchALBNetworkSecurityPolicy parameters: - description: |- ALBnetworksecuritypolicy ID in: path name: alb-networksecuritypolicy-id required: true type: string - in: body name: ALBNetworkSecurityPolicy required: true schema: $ref: '#/definitions/ALBNetworkSecurityPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBnetworksecuritypolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Network Security Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBNetworkSecurityPolicy with the alb-NetworkSecurityPolicy-id is not already present, create a new ALBNetworkSecurityPolicy. If it already exists, update the ALBNetworkSecurityPolicy. This is a full replace. operationId: UpdateALBNetworkSecurityPolicy parameters: - description: |- ALBNetworkSecurityPolicy ID in: path name: alb-networksecuritypolicy-id required: true type: string - in: body name: ALBNetworkSecurityPolicy required: true schema: $ref: '#/definitions/ALBNetworkSecurityPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBNetworkSecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBNetworkSecurityPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Network Security Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-onboarding-workflow: put: consumes: - application/json description: | Set the post deployment cluster configuration for Advanced Load Balancer controller cluster. operationId: IntiateAlbOnBoardingWorkflow parameters: - in: body name: ALBControllerConfiguration required: true schema: $ref: '#/definitions/ALBControllerConfiguration' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/EnforcementPoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- This is Post Controller Deployment Workflow. It will create role if not exist Create Service User Set System Configuration Create Enforcement Point Save Infra-Admin Creds to DB. tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Onboarding Workflow x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-onboarding-workflow/{managed-by}: delete: consumes: - application/json description: | Delete the EnforcementPoint along with Infra Admin credentials. operationId: DeleteAlbOnBoardingWorkflow parameters: - description: |- On Boarding flow managed by LCM/VCF. in: path name: managed-by required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete EnforcementPoint and the Infra Admin credentials contained by this workflow tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Onboarding Workflow x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-pki-profiles: get: consumes: - application/json description: | Paginated list of all ALBPKIProfile for infra. operationId: ListALBPKIProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPKIProfileApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBPKIProfile for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pki Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-pki-profiles/{alb-pkiprofile-id}: delete: consumes: - application/json description: | Delete the ALBPKIProfile along with all the entities contained by this ALBPKIProfile. operationId: DeleteALBPKIProfile parameters: - description: |- ALBPKIProfile ID in: path name: alb-pkiprofile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBPKIProfile and all the entities contained by this ALBPKIProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pki Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBPKIProfile. operationId: ReadALBPKIProfile parameters: - description: |- ALBPKIProfile ID in: path name: alb-pkiprofile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPKIProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBPKIProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pki Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBpkiprofile with the alb-pkiprofile-id is not already present, create a new ALBpkiprofile. If it already exists, update the ALBpkiprofile. This is a full replace. operationId: PatchALBPKIProfile parameters: - description: |- ALBpkiprofile ID in: path name: alb-pkiprofile-id required: true type: string - in: body name: ALBPKIProfile required: true schema: $ref: '#/definitions/ALBPKIProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBpkiprofile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pki Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBPKIProfile with the alb-PKIProfile-id is not already present, create a new ALBPKIProfile. If it already exists, update the ALBPKIProfile. This is a full replace. operationId: UpdateALBPKIProfile parameters: - description: |- ALBPKIProfile ID in: path name: alb-pkiprofile-id required: true type: string - in: body name: ALBPKIProfile required: true schema: $ref: '#/definitions/ALBPKIProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPKIProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBPKIProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pki Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-pool-group-deployment-policies: get: consumes: - application/json description: | Paginated list of all ALBPoolGroupDeploymentPolicy for infra. operationId: ListALBPoolGroupDeploymentPolicy parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPoolGroupDeploymentPolicyApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBPoolGroupDeploymentPolicy for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pool Group Deployment Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-pool-group-deployment-policies/{alb-poolgroupdeploymentpolicy-id}: delete: consumes: - application/json description: | Delete the ALBPoolGroupDeploymentPolicy along with all the entities contained by this ALBPoolGroupDeploymentPolicy. operationId: DeleteALBPoolGroupDeploymentPolicy parameters: - description: |- ALBPoolGroupDeploymentPolicy ID in: path name: alb-poolgroupdeploymentpolicy-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBPoolGroupDeploymentPolicy and all the entities contained by this ALBPoolGroupDeploymentPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pool Group Deployment Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBPoolGroupDeploymentPolicy. operationId: ReadALBPoolGroupDeploymentPolicy parameters: - description: |- ALBPoolGroupDeploymentPolicy ID in: path name: alb-poolgroupdeploymentpolicy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPoolGroupDeploymentPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBPoolGroupDeploymentPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pool Group Deployment Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBpoolgroupdeploymentpolicy with the alb-poolgroupdeploymentpolicy-id is not already present, create a new ALBpoolgroupdeploymentpolicy. If it already exists, update the ALBpoolgroupdeploymentpolicy. This is a full replace. operationId: PatchALBPoolGroupDeploymentPolicy parameters: - description: |- ALBpoolgroupdeploymentpolicy ID in: path name: alb-poolgroupdeploymentpolicy-id required: true type: string - in: body name: ALBPoolGroupDeploymentPolicy required: true schema: $ref: '#/definitions/ALBPoolGroupDeploymentPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBpoolgroupdeploymentpolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pool Group Deployment Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBPoolGroupDeploymentPolicy with the alb-PoolGroupDeploymentPolicy-id is not already present, create a new ALBPoolGroupDeploymentPolicy. If it already exists, update the ALBPoolGroupDeploymentPolicy. This is a full replace. operationId: UpdateALBPoolGroupDeploymentPolicy parameters: - description: |- ALBPoolGroupDeploymentPolicy ID in: path name: alb-poolgroupdeploymentpolicy-id required: true type: string - in: body name: ALBPoolGroupDeploymentPolicy required: true schema: $ref: '#/definitions/ALBPoolGroupDeploymentPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPoolGroupDeploymentPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBPoolGroupDeploymentPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pool Group Deployment Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-pool-groups: get: consumes: - application/json description: | Paginated list of all ALBPoolGroup for infra. operationId: ListALBPoolGroup parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPoolGroupApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBPoolGroup for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pool Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-pool-groups/{alb-poolgroup-id}: delete: consumes: - application/json description: | Delete the ALBPoolGroup along with all the entities contained by this ALBPoolGroup. operationId: DeleteALBPoolGroup parameters: - description: |- ALBPoolGroup ID in: path name: alb-poolgroup-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBPoolGroup and all the entities contained by this ALBPoolGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pool Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBPoolGroup. operationId: ReadALBPoolGroup parameters: - description: |- ALBPoolGroup ID in: path name: alb-poolgroup-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPoolGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBPoolGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pool Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBpoolgroup with the alb-poolgroup-id is not already present, create a new ALBpoolgroup. If it already exists, update the ALBpoolgroup. This is a full replace. operationId: PatchALBPoolGroup parameters: - description: |- ALBpoolgroup ID in: path name: alb-poolgroup-id required: true type: string - in: body name: ALBPoolGroup required: true schema: $ref: '#/definitions/ALBPoolGroup' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBpoolgroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pool Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBPoolGroup with the alb-PoolGroup-id is not already present, create a new ALBPoolGroup. If it already exists, update the ALBPoolGroup. This is a full replace. operationId: UpdateALBPoolGroup parameters: - description: |- ALBPoolGroup ID in: path name: alb-poolgroup-id required: true type: string - in: body name: ALBPoolGroup required: true schema: $ref: '#/definitions/ALBPoolGroup' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPoolGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBPoolGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pool Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-pools: get: consumes: - application/json description: | Paginated list of all ALBPool for infra. operationId: ListALBPool parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPoolApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBPool for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pools x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-pools/{alb-pool-id}: delete: consumes: - application/json description: | Delete the ALBPool along with all the entities contained by this ALBPool. operationId: DeleteALBPool parameters: - description: |- ALBPool ID in: path name: alb-pool-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBPool and all the entities contained by this ALBPool tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pools x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBPool. operationId: ReadALBPool parameters: - description: |- ALBPool ID in: path name: alb-pool-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPool' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBPool tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pools x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBpool with the alb-pool-id is not already present, create a new ALBpool. If it already exists, update the ALBpool. This is a full replace. operationId: PatchALBPool parameters: - description: |- ALBpool ID in: path name: alb-pool-id required: true type: string - in: body name: ALBPool required: true schema: $ref: '#/definitions/ALBPool' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBpool tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pools x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBPool with the alb-Pool-id is not already present, create a new ALBPool. If it already exists, update the ALBPool. This is a full replace. operationId: UpdateALBPool parameters: - description: |- ALBPool ID in: path name: alb-pool-id required: true type: string - in: body name: ALBPool required: true schema: $ref: '#/definitions/ALBPool' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPool' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBPool tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Pools x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-priority-labels: get: consumes: - application/json description: | Paginated list of all ALBPriorityLabels for infra. operationId: ListALBPriorityLabels parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPriorityLabelsApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBPriorityLabels for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Priority Labels x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-priority-labels/{alb-prioritylabels-id}: delete: consumes: - application/json description: | Delete the ALBPriorityLabels along with all the entities contained by this ALBPriorityLabels. operationId: DeleteALBPriorityLabels parameters: - description: |- ALBPriorityLabels ID in: path name: alb-prioritylabels-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBPriorityLabels and all the entities contained by this ALBPriorityLabels tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Priority Labels x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBPriorityLabels. operationId: ReadALBPriorityLabels parameters: - description: |- ALBPriorityLabels ID in: path name: alb-prioritylabels-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPriorityLabels' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBPriorityLabels tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Priority Labels x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBprioritylabels with the alb-prioritylabels-id is not already present, create a new ALBprioritylabels. If it already exists, update the ALBprioritylabels. This is a full replace. operationId: PatchALBPriorityLabels parameters: - description: |- ALBprioritylabels ID in: path name: alb-prioritylabels-id required: true type: string - in: body name: ALBPriorityLabels required: true schema: $ref: '#/definitions/ALBPriorityLabels' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBprioritylabels tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Priority Labels x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBPriorityLabels with the alb-PriorityLabels-id is not already present, create a new ALBPriorityLabels. If it already exists, update the ALBPriorityLabels. This is a full replace. operationId: UpdateALBPriorityLabels parameters: - description: |- ALBPriorityLabels ID in: path name: alb-prioritylabels-id required: true type: string - in: body name: ALBPriorityLabels required: true schema: $ref: '#/definitions/ALBPriorityLabels' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBPriorityLabels' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBPriorityLabels tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Priority Labels x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-protocol-parsers: get: consumes: - application/json description: | Paginated list of all ALBProtocolParser for infra. operationId: ListALBProtocolParser parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBProtocolParserApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBProtocolParser for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Protocol Parsers x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-protocol-parsers/{alb-protocolparser-id}: delete: consumes: - application/json description: | Delete the ALBProtocolParser along with all the entities contained by this ALBProtocolParser. operationId: DeleteALBProtocolParser parameters: - description: |- ALBProtocolParser ID in: path name: alb-protocolparser-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBProtocolParser and all the entities contained by this ALBProtocolParser tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Protocol Parsers x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBProtocolParser. operationId: ReadALBProtocolParser parameters: - description: |- ALBProtocolParser ID in: path name: alb-protocolparser-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBProtocolParser' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBProtocolParser tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Protocol Parsers x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBprotocolparser with the alb-protocolparser-id is not already present, create a new ALBprotocolparser. If it already exists, update the ALBprotocolparser. This is a full replace. operationId: PatchALBProtocolParser parameters: - description: |- ALBprotocolparser ID in: path name: alb-protocolparser-id required: true type: string - in: body name: ALBProtocolParser required: true schema: $ref: '#/definitions/ALBProtocolParser' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBprotocolparser tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Protocol Parsers x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBProtocolParser with the alb-ProtocolParser-id is not already present, create a new ALBProtocolParser. If it already exists, update the ALBProtocolParser. This is a full replace. operationId: UpdateALBProtocolParser parameters: - description: |- ALBProtocolParser ID in: path name: alb-protocolparser-id required: true type: string - in: body name: ALBProtocolParser required: true schema: $ref: '#/definitions/ALBProtocolParser' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBProtocolParser' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBProtocolParser tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Protocol Parsers x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-security-policies: get: consumes: - application/json description: | Paginated list of all ALBSecurityPolicy for infra. operationId: ListALBSecurityPolicy parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSecurityPolicyApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBSecurityPolicy for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Security Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-security-policies/{alb-securitypolicy-id}: delete: consumes: - application/json description: | Delete the ALBSecurityPolicy along with all the entities contained by this ALBSecurityPolicy. operationId: DeleteALBSecurityPolicy parameters: - description: |- ALBSecurityPolicy ID in: path name: alb-securitypolicy-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBSecurityPolicy and all the entities contained by this ALBSecurityPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Security Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBSecurityPolicy. operationId: ReadALBSecurityPolicy parameters: - description: |- ALBSecurityPolicy ID in: path name: alb-securitypolicy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBSecurityPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Security Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBsecuritypolicy with the alb-securitypolicy-id is not already present, create a new ALBsecuritypolicy. If it already exists, update the ALBsecuritypolicy. This is a full replace. operationId: PatchALBSecurityPolicy parameters: - description: |- ALBsecuritypolicy ID in: path name: alb-securitypolicy-id required: true type: string - in: body name: ALBSecurityPolicy required: true schema: $ref: '#/definitions/ALBSecurityPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBsecuritypolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Security Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBSecurityPolicy with the alb-SecurityPolicy-id is not already present, create a new ALBSecurityPolicy. If it already exists, update the ALBSecurityPolicy. This is a full replace. operationId: UpdateALBSecurityPolicy parameters: - description: |- ALBSecurityPolicy ID in: path name: alb-securitypolicy-id required: true type: string - in: body name: ALBSecurityPolicy required: true schema: $ref: '#/definitions/ALBSecurityPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBSecurityPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Security Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-server-auto-scale-policies: get: consumes: - application/json description: | Paginated list of all ALBServerAutoScalePolicy for infra. operationId: ListALBServerAutoScalePolicy parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBServerAutoScalePolicyApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBServerAutoScalePolicy for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Server Auto Scale Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-server-auto-scale-policies/{alb-serverautoscalepolicy-id}: delete: consumes: - application/json description: | Delete the ALBServerAutoScalePolicy along with all the entities contained by this ALBServerAutoScalePolicy. operationId: DeleteALBServerAutoScalePolicy parameters: - description: |- ALBServerAutoScalePolicy ID in: path name: alb-serverautoscalepolicy-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBServerAutoScalePolicy and all the entities contained by this ALBServerAutoScalePolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Server Auto Scale Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBServerAutoScalePolicy. operationId: ReadALBServerAutoScalePolicy parameters: - description: |- ALBServerAutoScalePolicy ID in: path name: alb-serverautoscalepolicy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBServerAutoScalePolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBServerAutoScalePolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Server Auto Scale Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBserverautoscalepolicy with the alb-serverautoscalepolicy-id is not already present, create a new ALBserverautoscalepolicy. If it already exists, update the ALBserverautoscalepolicy. This is a full replace. operationId: PatchALBServerAutoScalePolicy parameters: - description: |- ALBserverautoscalepolicy ID in: path name: alb-serverautoscalepolicy-id required: true type: string - in: body name: ALBServerAutoScalePolicy required: true schema: $ref: '#/definitions/ALBServerAutoScalePolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBserverautoscalepolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Server Auto Scale Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBServerAutoScalePolicy with the alb-ServerAutoScalePolicy-id is not already present, create a new ALBServerAutoScalePolicy. If it already exists, update the ALBServerAutoScalePolicy. This is a full replace. operationId: UpdateALBServerAutoScalePolicy parameters: - description: |- ALBServerAutoScalePolicy ID in: path name: alb-serverautoscalepolicy-id required: true type: string - in: body name: ALBServerAutoScalePolicy required: true schema: $ref: '#/definitions/ALBServerAutoScalePolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBServerAutoScalePolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBServerAutoScalePolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Server Auto Scale Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-ssl-key-and-certificates: get: consumes: - application/json description: | Paginated list of all ALBSSLKeyAndCertificate for infra. operationId: ListALBSSLKeyAndCertificate parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSSLKeyAndCertificateApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBSSLKeyAndCertificate for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb SSL Key And Certificates x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-ssl-key-and-certificates/{alb-sslkeyandcertificate-id}: delete: consumes: - application/json description: | Delete the ALBSSLKeyAndCertificate along with all the entities contained by this ALBSSLKeyAndCertificate. operationId: DeleteALBSSLKeyAndCertificate parameters: - description: |- ALBSSLKeyAndCertificate ID in: path name: alb-sslkeyandcertificate-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBSSLKeyAndCertificate and all the entities contained by this ALBSSLKeyAndCertificate tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb SSL Key And Certificates x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBSSLKeyAndCertificate. operationId: ReadALBSSLKeyAndCertificate parameters: - description: |- ALBSSLKeyAndCertificate ID in: path name: alb-sslkeyandcertificate-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSSLKeyAndCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBSSLKeyAndCertificate tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb SSL Key And Certificates x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBsslkeyandcertificate with the alb-sslkeyandcertificate-id is not already present, create a new ALBsslkeyandcertificate. If it already exists, update the ALBsslkeyandcertificate. This is a full replace. operationId: PatchALBSSLKeyAndCertificate parameters: - description: |- ALBsslkeyandcertificate ID in: path name: alb-sslkeyandcertificate-id required: true type: string - in: body name: ALBSSLKeyAndCertificate required: true schema: $ref: '#/definitions/ALBSSLKeyAndCertificate' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBsslkeyandcertificate tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb SSL Key And Certificates x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBSSLKeyAndCertificate with the alb-SSLKeyAndCertificate-id is not already present, create a new ALBSSLKeyAndCertificate. If it already exists, update the ALBSSLKeyAndCertificate. This is a full replace. operationId: UpdateALBSSLKeyAndCertificate parameters: - description: |- ALBSSLKeyAndCertificate ID in: path name: alb-sslkeyandcertificate-id required: true type: string - in: body name: ALBSSLKeyAndCertificate required: true schema: $ref: '#/definitions/ALBSSLKeyAndCertificate' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSSLKeyAndCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBSSLKeyAndCertificate tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb SSL Key And Certificates x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-ssl-profiles: get: consumes: - application/json description: | Paginated list of all ALBSSLProfile for infra. operationId: ListALBSSLProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSSLProfileApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBSSLProfile for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb SSL Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-ssl-profiles/{alb-sslprofile-id}: delete: consumes: - application/json description: | Delete the ALBSSLProfile along with all the entities contained by this ALBSSLProfile. operationId: DeleteALBSSLProfile parameters: - description: |- ALBSSLProfile ID in: path name: alb-sslprofile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBSSLProfile and all the entities contained by this ALBSSLProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb SSL Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBSSLProfile. operationId: ReadALBSSLProfile parameters: - description: |- ALBSSLProfile ID in: path name: alb-sslprofile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSSLProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBSSLProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb SSL Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBsslprofile with the alb-sslprofile-id is not already present, create a new ALBsslprofile. If it already exists, update the ALBsslprofile. This is a full replace. operationId: PatchALBSSLProfile parameters: - description: |- ALBsslprofile ID in: path name: alb-sslprofile-id required: true type: string - in: body name: ALBSSLProfile required: true schema: $ref: '#/definitions/ALBSSLProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBsslprofile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb SSL Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBSSLProfile with the alb-SSLProfile-id is not already present, create a new ALBSSLProfile. If it already exists, update the ALBSSLProfile. This is a full replace. operationId: UpdateALBSSLProfile parameters: - description: |- ALBSSLProfile ID in: path name: alb-sslprofile-id required: true type: string - in: body name: ALBSSLProfile required: true schema: $ref: '#/definitions/ALBSSLProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSSLProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBSSLProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb SSL Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-sso-policies: get: consumes: - application/json description: | Paginated list of all ALBSSOPolicy for infra. operationId: ListALBSSOPolicy parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSSOPolicyApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBSSOPolicy for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Sso Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-sso-policies/{alb-ssopolicy-id}: delete: consumes: - application/json description: | Delete the ALBSSOPolicy along with all the entities contained by this ALBSSOPolicy. operationId: DeleteALBSSOPolicy parameters: - description: |- ALBSSOPolicy ID in: path name: alb-ssopolicy-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBSSOPolicy and all the entities contained by this ALBSSOPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Sso Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBSSOPolicy. operationId: ReadALBSSOPolicy parameters: - description: |- ALBSSOPolicy ID in: path name: alb-ssopolicy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSSOPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBSSOPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Sso Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBssopolicy with the alb-ssopolicy-id is not already present, create a new ALBssopolicy. If it already exists, update the ALBssopolicy. This is a full replace. operationId: PatchALBSSOPolicy parameters: - description: |- ALBssopolicy ID in: path name: alb-ssopolicy-id required: true type: string - in: body name: ALBSSOPolicy required: true schema: $ref: '#/definitions/ALBSSOPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBssopolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Sso Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBSSOPolicy with the alb-SSOPolicy-id is not already present, create a new ALBSSOPolicy. If it already exists, update the ALBSSOPolicy. This is a full replace. operationId: UpdateALBSSOPolicy parameters: - description: |- ALBSSOPolicy ID in: path name: alb-ssopolicy-id required: true type: string - in: body name: ALBSSOPolicy required: true schema: $ref: '#/definitions/ALBSSOPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBSSOPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBSSOPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Sso Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-string-groups: get: consumes: - application/json description: | Paginated list of all ALBStringGroup for infra. operationId: ListALBStringGroup parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBStringGroupApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBStringGroup for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb String Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-string-groups/{alb-stringgroup-id}: delete: consumes: - application/json description: | Delete the ALBStringGroup along with all the entities contained by this ALBStringGroup. operationId: DeleteALBStringGroup parameters: - description: |- ALBStringGroup ID in: path name: alb-stringgroup-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBStringGroup and all the entities contained by this ALBStringGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb String Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBStringGroup. operationId: ReadALBStringGroup parameters: - description: |- ALBStringGroup ID in: path name: alb-stringgroup-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBStringGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBStringGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb String Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBstringgroup with the alb-stringgroup-id is not already present, create a new ALBstringgroup. If it already exists, update the ALBstringgroup. This is a full replace. operationId: PatchALBStringGroup parameters: - description: |- ALBstringgroup ID in: path name: alb-stringgroup-id required: true type: string - in: body name: ALBStringGroup required: true schema: $ref: '#/definitions/ALBStringGroup' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBstringgroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb String Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBStringGroup with the alb-StringGroup-id is not already present, create a new ALBStringGroup. If it already exists, update the ALBStringGroup. This is a full replace. operationId: UpdateALBStringGroup parameters: - description: |- ALBStringGroup ID in: path name: alb-stringgroup-id required: true type: string - in: body name: ALBStringGroup required: true schema: $ref: '#/definitions/ALBStringGroup' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBStringGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBStringGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb String Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-traffic-clone-profiles: get: consumes: - application/json description: | Paginated list of all ALBTrafficCloneProfile for infra. operationId: ListALBTrafficCloneProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBTrafficCloneProfileApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBTrafficCloneProfile for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Traffic Clone Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-traffic-clone-profiles/{alb-trafficcloneprofile-id}: delete: consumes: - application/json description: | Delete the ALBTrafficCloneProfile along with all the entities contained by this ALBTrafficCloneProfile. operationId: DeleteALBTrafficCloneProfile parameters: - description: |- ALBTrafficCloneProfile ID in: path name: alb-trafficcloneprofile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBTrafficCloneProfile and all the entities contained by this ALBTrafficCloneProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Traffic Clone Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBTrafficCloneProfile. operationId: ReadALBTrafficCloneProfile parameters: - description: |- ALBTrafficCloneProfile ID in: path name: alb-trafficcloneprofile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBTrafficCloneProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBTrafficCloneProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Traffic Clone Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBtrafficcloneprofile with the alb-trafficcloneprofile-id is not already present, create a new ALBtrafficcloneprofile. If it already exists, update the ALBtrafficcloneprofile. This is a full replace. operationId: PatchALBTrafficCloneProfile parameters: - description: |- ALBtrafficcloneprofile ID in: path name: alb-trafficcloneprofile-id required: true type: string - in: body name: ALBTrafficCloneProfile required: true schema: $ref: '#/definitions/ALBTrafficCloneProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBtrafficcloneprofile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Traffic Clone Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBTrafficCloneProfile with the alb-TrafficCloneProfile-id is not already present, create a new ALBTrafficCloneProfile. If it already exists, update the ALBTrafficCloneProfile. This is a full replace. operationId: UpdateALBTrafficCloneProfile parameters: - description: |- ALBTrafficCloneProfile ID in: path name: alb-trafficcloneprofile-id required: true type: string - in: body name: ALBTrafficCloneProfile required: true schema: $ref: '#/definitions/ALBTrafficCloneProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBTrafficCloneProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBTrafficCloneProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Traffic Clone Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-virtual-services: get: consumes: - application/json description: | Paginated list of all ALBVirtualService for infra. operationId: ListALBVirtualService parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBVirtualServiceApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBVirtualService for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Virtual Services x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-virtual-services/{alb-virtualservice-id}: delete: consumes: - application/json description: | Delete the ALBVirtualService along with all the entities contained by this ALBVirtualService. operationId: DeleteALBVirtualService parameters: - description: |- ALBVirtualService ID in: path name: alb-virtualservice-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBVirtualService and all the entities contained by this ALBVirtualService tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Virtual Services x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBVirtualService. operationId: ReadALBVirtualService parameters: - description: |- ALBVirtualService ID in: path name: alb-virtualservice-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBVirtualService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBVirtualService tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Virtual Services x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBvirtualservice with the alb-virtualservice-id is not already present, create a new ALBvirtualservice. If it already exists, update the ALBvirtualservice. This is a full replace. operationId: PatchALBVirtualService parameters: - description: |- ALBvirtualservice ID in: path name: alb-virtualservice-id required: true type: string - in: body name: ALBVirtualService required: true schema: $ref: '#/definitions/ALBVirtualService' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBvirtualservice tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Virtual Services x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBVirtualService with the alb-VirtualService-id is not already present, create a new ALBVirtualService. If it already exists, update the ALBVirtualService. This is a full replace. operationId: UpdateALBVirtualService parameters: - description: |- ALBVirtualService ID in: path name: alb-virtualservice-id required: true type: string - in: body name: ALBVirtualService required: true schema: $ref: '#/definitions/ALBVirtualService' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBVirtualService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBVirtualService tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Virtual Services x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-vs-data-script-sets: get: consumes: - application/json description: | Paginated list of all ALBVSDataScriptSet for infra. operationId: ListALBVSDataScriptSet parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBVSDataScriptSetApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBVSDataScriptSet for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Vs Data Script Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-vs-data-script-sets/{alb-vsdatascriptset-id}: delete: consumes: - application/json description: | Delete the ALBVSDataScriptSet along with all the entities contained by this ALBVSDataScriptSet. operationId: DeleteALBVSDataScriptSet parameters: - description: |- ALBVSDataScriptSet ID in: path name: alb-vsdatascriptset-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBVSDataScriptSet and all the entities contained by this ALBVSDataScriptSet tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Vs Data Script Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBVSDataScriptSet. operationId: ReadALBVSDataScriptSet parameters: - description: |- ALBVSDataScriptSet ID in: path name: alb-vsdatascriptset-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBVSDataScriptSet' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBVSDataScriptSet tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Vs Data Script Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBvsdatascriptset with the alb-vsdatascriptset-id is not already present, create a new ALBvsdatascriptset. If it already exists, update the ALBvsdatascriptset. This is a full replace. operationId: PatchALBVSDataScriptSet parameters: - description: |- ALBvsdatascriptset ID in: path name: alb-vsdatascriptset-id required: true type: string - in: body name: ALBVSDataScriptSet required: true schema: $ref: '#/definitions/ALBVSDataScriptSet' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBvsdatascriptset tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Vs Data Script Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBVSDataScriptSet with the alb-VSDataScriptSet-id is not already present, create a new ALBVSDataScriptSet. If it already exists, update the ALBVSDataScriptSet. This is a full replace. operationId: UpdateALBVSDataScriptSet parameters: - description: |- ALBVSDataScriptSet ID in: path name: alb-vsdatascriptset-id required: true type: string - in: body name: ALBVSDataScriptSet required: true schema: $ref: '#/definitions/ALBVSDataScriptSet' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBVSDataScriptSet' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBVSDataScriptSet tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Vs Data Script Sets x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-vs-vips: get: consumes: - application/json description: | Paginated list of all ALBVsVip for infra. operationId: ListALBVsVip parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBVsVipApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBVsVip for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Vs Vips x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-vs-vips/{alb-vsvip-id}: delete: consumes: - application/json description: | Delete the ALBVsVip along with all the entities contained by this ALBVsVip. operationId: DeleteALBVsVip parameters: - description: |- ALBVsVip ID in: path name: alb-vsvip-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBVsVip and all the entities contained by this ALBVsVip tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Vs Vips x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBVsVip. operationId: ReadALBVsVip parameters: - description: |- ALBVsVip ID in: path name: alb-vsvip-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBVsVip' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBVsVip tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Vs Vips x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBvsvip with the alb-vsvip-id is not already present, create a new ALBvsvip. If it already exists, update the ALBvsvip. This is a full replace. operationId: PatchALBVsVip parameters: - description: |- ALBvsvip ID in: path name: alb-vsvip-id required: true type: string - in: body name: ALBVsVip required: true schema: $ref: '#/definitions/ALBVsVip' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBvsvip tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Vs Vips x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBVsVip with the alb-VsVip-id is not already present, create a new ALBVsVip. If it already exists, update the ALBVsVip. This is a full replace. operationId: UpdateALBVsVip parameters: - description: |- ALBVsVip ID in: path name: alb-vsvip-id required: true type: string - in: body name: ALBVsVip required: true schema: $ref: '#/definitions/ALBVsVip' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBVsVip' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBVsVip tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Vs Vips x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-waf-crs: get: consumes: - application/json description: | Paginated list of all ALBWafCRS for infra. operationId: ListALBWafCRS parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafCRSApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBWafCRS for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Crs x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-waf-crs/{alb-wafcrs-id}: delete: consumes: - application/json description: | Delete the ALBWafCRS along with all the entities contained by this ALBWafCRS. operationId: DeleteALBWafCRS parameters: - description: |- ALBWafCRS ID in: path name: alb-wafcrs-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBWafCRS and all the entities contained by this ALBWafCRS tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Crs x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBWafCRS. operationId: ReadALBWafCRS parameters: - description: |- ALBWafCRS ID in: path name: alb-wafcrs-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafCRS' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBWafCRS tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Crs x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBwafcrs with the alb-wafcrs-id is not already present, create a new ALBwafcrs. If it already exists, update the ALBwafcrs. This is a full replace. operationId: PatchALBWafCRS parameters: - description: |- ALBwafcrs ID in: path name: alb-wafcrs-id required: true type: string - in: body name: ALBWafCRS required: true schema: $ref: '#/definitions/ALBWafCRS' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBwafcrs tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Crs x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBWafCRS with the alb-WafCRS-id is not already present, create a new ALBWafCRS. If it already exists, update the ALBWafCRS. This is a full replace. operationId: UpdateALBWafCRS parameters: - description: |- ALBWafCRS ID in: path name: alb-wafcrs-id required: true type: string - in: body name: ALBWafCRS required: true schema: $ref: '#/definitions/ALBWafCRS' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafCRS' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBWafCRS tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Crs x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-waf-policies: get: consumes: - application/json description: | Paginated list of all ALBWafPolicy for infra. operationId: ListALBWafPolicy parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafPolicyApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBWafPolicy for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-waf-policies/{alb-wafpolicy-id}: delete: consumes: - application/json description: | Delete the ALBWafPolicy along with all the entities contained by this ALBWafPolicy. operationId: DeleteALBWafPolicy parameters: - description: |- ALBWafPolicy ID in: path name: alb-wafpolicy-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBWafPolicy and all the entities contained by this ALBWafPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBWafPolicy. operationId: ReadALBWafPolicy parameters: - description: |- ALBWafPolicy ID in: path name: alb-wafpolicy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBWafPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBwafpolicy with the alb-wafpolicy-id is not already present, create a new ALBwafpolicy. If it already exists, update the ALBwafpolicy. This is a full replace. operationId: PatchALBWafPolicy parameters: - description: |- ALBwafpolicy ID in: path name: alb-wafpolicy-id required: true type: string - in: body name: ALBWafPolicy required: true schema: $ref: '#/definitions/ALBWafPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBwafpolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBWafPolicy with the alb-WafPolicy-id is not already present, create a new ALBWafPolicy. If it already exists, update the ALBWafPolicy. This is a full replace. operationId: UpdateALBWafPolicy parameters: - description: |- ALBWafPolicy ID in: path name: alb-wafpolicy-id required: true type: string - in: body name: ALBWafPolicy required: true schema: $ref: '#/definitions/ALBWafPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBWafPolicy tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Policies x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-waf-policy-psm-groups: get: consumes: - application/json description: | Paginated list of all ALBWafPolicyPSMGroup for infra. operationId: ListALBWafPolicyPSMGroup parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafPolicyPSMGroupApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBWafPolicyPSMGroup for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Policy Psm Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-waf-policy-psm-groups/{alb-wafpolicypsmgroup-id}: delete: consumes: - application/json description: | Delete the ALBWafPolicyPSMGroup along with all the entities contained by this ALBWafPolicyPSMGroup. operationId: DeleteALBWafPolicyPSMGroup parameters: - description: |- ALBWafPolicyPSMGroup ID in: path name: alb-wafpolicypsmgroup-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBWafPolicyPSMGroup and all the entities contained by this ALBWafPolicyPSMGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Policy Psm Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBWafPolicyPSMGroup. operationId: ReadALBWafPolicyPSMGroup parameters: - description: |- ALBWafPolicyPSMGroup ID in: path name: alb-wafpolicypsmgroup-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafPolicyPSMGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBWafPolicyPSMGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Policy Psm Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBwafpolicypsmgroup with the alb-wafpolicypsmgroup-id is not already present, create a new ALBwafpolicypsmgroup. If it already exists, update the ALBwafpolicypsmgroup. This is a full replace. operationId: PatchALBWafPolicyPSMGroup parameters: - description: |- ALBwafpolicypsmgroup ID in: path name: alb-wafpolicypsmgroup-id required: true type: string - in: body name: ALBWafPolicyPSMGroup required: true schema: $ref: '#/definitions/ALBWafPolicyPSMGroup' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBwafpolicypsmgroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Policy Psm Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBWafPolicyPSMGroup with the alb-WafPolicyPSMGroup-id is not already present, create a new ALBWafPolicyPSMGroup. If it already exists, update the ALBWafPolicyPSMGroup. This is a full replace. operationId: UpdateALBWafPolicyPSMGroup parameters: - description: |- ALBWafPolicyPSMGroup ID in: path name: alb-wafpolicypsmgroup-id required: true type: string - in: body name: ALBWafPolicyPSMGroup required: true schema: $ref: '#/definitions/ALBWafPolicyPSMGroup' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafPolicyPSMGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBWafPolicyPSMGroup tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Policy Psm Groups x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-waf-profiles: get: consumes: - application/json description: | Paginated list of all ALBWafProfile for infra. operationId: ListALBWafProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafProfileApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBWafProfile for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-waf-profiles/{alb-wafprofile-id}: delete: consumes: - application/json description: | Delete the ALBWafProfile along with all the entities contained by this ALBWafProfile. operationId: DeleteALBWafProfile parameters: - description: |- ALBWafProfile ID in: path name: alb-wafprofile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBWafProfile and all the entities contained by this ALBWafProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBWafProfile. operationId: ReadALBWafProfile parameters: - description: |- ALBWafProfile ID in: path name: alb-wafprofile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBWafProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBwafprofile with the alb-wafprofile-id is not already present, create a new ALBwafprofile. If it already exists, update the ALBwafprofile. This is a full replace. operationId: PatchALBWafProfile parameters: - description: |- ALBwafprofile ID in: path name: alb-wafprofile-id required: true type: string - in: body name: ALBWafProfile required: true schema: $ref: '#/definitions/ALBWafProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBwafprofile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBWafProfile with the alb-WafProfile-id is not already present, create a new ALBWafProfile. If it already exists, update the ALBWafProfile. This is a full replace. operationId: UpdateALBWafProfile parameters: - description: |- ALBWafProfile ID in: path name: alb-wafprofile-id required: true type: string - in: body name: ALBWafProfile required: true schema: $ref: '#/definitions/ALBWafProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWafProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBWafProfile tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Waf Profiles x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-webhooks: get: consumes: - application/json description: | Paginated list of all ALBWebhook for infra. operationId: ListALBWebhook parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWebhookApiResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List ALBWebhook for infra tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Webhooks x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/alb-webhooks/{alb-webhook-id}: delete: consumes: - application/json description: | Delete the ALBWebhook along with all the entities contained by this ALBWebhook. operationId: DeleteALBWebhook parameters: - description: |- ALBWebhook ID in: path name: alb-webhook-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ALBWebhook and all the entities contained by this ALBWebhook tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Webhooks x-vmw-nsx-module: PolicyAdvancedLoadBalancer get: consumes: - application/json description: | Read a ALBWebhook. operationId: ReadALBWebhook parameters: - description: |- ALBWebhook ID in: path name: alb-webhook-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWebhook' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read ALBWebhook tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Webhooks x-vmw-nsx-module: PolicyAdvancedLoadBalancer patch: consumes: - application/json description: | If a ALBwebhook with the alb-webhook-id is not already present, create a new ALBwebhook. If it already exists, update the ALBwebhook. This is a full replace. operationId: PatchALBWebhook parameters: - description: |- ALBwebhook ID in: path name: alb-webhook-id required: true type: string - in: body name: ALBWebhook required: true schema: $ref: '#/definitions/ALBWebhook' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBwebhook tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Webhooks x-vmw-nsx-module: PolicyAdvancedLoadBalancer put: consumes: - application/json description: | If a ALBWebhook with the alb-Webhook-id is not already present, create a new ALBWebhook. If it already exists, update the ALBWebhook. This is a full replace. operationId: UpdateALBWebhook parameters: - description: |- ALBWebhook ID in: path name: alb-webhook-id required: true type: string - in: body name: ALBWebhook required: true schema: $ref: '#/definitions/ALBWebhook' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ALBWebhook' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ALBWebhook tags: - Policy - Networking - Network Services - Advanced Load Balancing - Alb Webhooks x-vmw-nsx-module: PolicyAdvancedLoadBalancer /infra/antrea/traceflows: get: consumes: - application/json description: | Paginated list of all AntreaTraceflowConfig for infra. operationId: ListAntreaTraceflowConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaTraceflowConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List AntreaTraceflowConfig for infra tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity /infra/antrea/traceflows/{traceflow-id}: delete: consumes: - application/json description: |- Delete Antrea traceflow config with id traceflow-id operationId: DeleteAntreaTraceflowConfig parameters: - in: path name: traceflow-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Antrea traceflow config tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Antrea traceflow config with id traceflow-id operationId: ReadAntreaTraceflowConfig parameters: - in: path name: traceflow-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaTraceflowConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Antrea traceflow config tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If an Antrea traceflow config with the traceflow-id is not already present, create a new traceflow config. operationId: PatchAntreaTraceflowConfig parameters: - in: path name: traceflow-id required: true type: string - in: body name: AntreaTraceflowConfig required: true schema: $ref: '#/definitions/AntreaTraceflowConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create an Antrea traceflow config tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity post: consumes: - application/json description: | This will retrace even if current traceflow has observations. Current observations will be lost. Traceflow configuration will be cleaned up by the system after two hours of inactivity. operationId: RestartAntreaTraceflow parameters: - in: path name: traceflow-id required: true type: string - description: Action to be performed in: query name: action type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaTraceflowConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Restart Antrea traceflow with same set of parameters used during create traceflow tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If an Antrea traceflow config with the traceflow-id is not already present, create a new traceflow config. operationId: UpdateAntreaTraceflowConfig parameters: - in: path name: traceflow-id required: true type: string - in: body name: AntreaTraceflowConfig required: true schema: $ref: '#/definitions/AntreaTraceflowConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaTraceflowConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create an Antrea traceflow config tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity /infra/antrea/traceflows/{traceflow-id}/observations: get: consumes: - application/json description: |- Read Antrea traceflow observations for id traceflow-id operationId: ListAntreaTraceflowObservations parameters: - in: path name: traceflow-id required: true type: string - description: Enforcement point path in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaTraceflowObservationListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Antrea traceflow observations tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity /infra/antrea/traceflows/{traceflow-id}/status: get: consumes: - application/json description: |- Read Antrea traceflow status with id traceflow-id operationId: ReadAntreaTraceflowStatus parameters: - in: path name: traceflow-id required: true type: string - description: Enforcement point path in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaTraceflowStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Antrea traceflow status tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity /infra/bfd-profiles: get: consumes: - application/json description: | Paginated list of all BfdProfiles. operationId: ListBfdProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BfdProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List BfdProfiles tags: - Policy - Networking - Networking Profiles - BFD Profiles x-vmw-nsx-module: PolicyConnectivity /infra/bfd-profiles/{bfd-profile-id}: delete: consumes: - application/json description: |- Delete BFD Config and all the entities contained by this BfdProfile. operationId: DeleteBfdProfile parameters: - description: |- BfdProfile ID in: path name: bfd-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete BFD Config and all the entities contained by this BfdProfile tags: - Policy - Networking - Networking Profiles - BFD Profiles x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read a BfdProfile. operationId: ReadBfdProfile parameters: - description: |- BfdProfile ID in: path name: bfd-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BfdProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a BfdProfile tags: - Policy - Networking - Networking Profiles - BFD Profiles x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a BfdProfile with the bfd-profile-id is not already present, create a new BfdProfile. If it already exists, update the BfdProfile. This operation will fully replace the object. operationId: PatchBfdProfile parameters: - description: |- BfdProfile ID in: path name: bfd-profile-id required: true type: string - in: body name: BfdProfile required: true schema: $ref: '#/definitions/BfdProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BfdProfile tags: - Policy - Networking - Networking Profiles - BFD Profiles x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a BfdProfile with the bfd-profile-id is not already present, create a new BfdProfile. If it already exists, update the BfdProfile. This operation will fully replace the object. operationId: UpdateBfdProfile parameters: - description: |- BfdProfile ID in: path name: bfd-profile-id required: true type: string - in: body name: BfdProfile required: true schema: $ref: '#/definitions/BfdProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BfdProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BfdProfile tags: - Policy - Networking - Networking Profiles - BFD Profiles x-vmw-nsx-module: PolicyConnectivity /infra/cabundles: get: consumes: - application/json description: | Returns information about all the bundles of trusted CA certificates. operationId: ListCaBundles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: whether to expand the pem data and show all its details in: query name: details required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Type of certificate to return enum: - cluster_api_certificate in: query name: type required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CaBundleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns information about all the CA bundles tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate /infra/cabundles/{cabundle-id}: delete: consumes: - application/json description: | Deletes the specified bundle of trusted CA certificates. operationId: DeleteCaBundle parameters: - description: |- ID of the CA bundle to delete in: path name: cabundle-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Deletes CA bundle tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate get: consumes: - application/json description: | Returns information about the specified bundle of trusted CA certificates. operationId: GetCaBundle parameters: - description: |- ID of the CA bundle to retrieve in: path name: cabundle-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CaBundle' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns information about a CA bundle tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate patch: consumes: - application/json description: | Adds or updates a new bundle of trusted CA certificates. The bundle must be a concatenation of one or more PEM-encoded certificates. The PEM-encoded bundle is replaced with the one provided in the request. operationId: AddOrPatchCaBundle parameters: - description: |- ID of the CA bundle being updated in: path name: cabundle-id required: true type: string - in: body name: CaBundle required: true schema: $ref: '#/definitions/CaBundle' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CaBundle' '201': description: Created schema: $ref: '#/definitions/CaBundle' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Adds or updates a CA bundle tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate post: consumes: - multipart/form-data description: | Adds or replaces a new bundle of trusted CA certificates. The multipart-uploaded file must be a concatenation of one or more PEM-encoded certificates. operationId: AddOrReplaceCaBundleUpload parameters: - description: |- ID of the CA bundle being uploaded in: path name: cabundle-id required: true type: string - description: Description of this resource in: query maxLength: 1024 name: description type: string - description: Identifier to use when displaying entity in logs or GUI in: query maxLength: 255 name: display_name type: string - description: File to be uploaded in: formData name: file required: true type: file produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CaBundle' '201': description: Created schema: $ref: '#/definitions/CaBundle' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Adds or replaces a CA bundle tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate put: consumes: - application/json description: | Adds or replaces a new bundle of trusted CA certificates. The bundle must be a concatenation of one or more PEM-encoded certificates. operationId: AddOrReplaceCaBundle parameters: - description: |- ID of the CA bundle being uploaded in: path name: cabundle-id required: true type: string - in: body name: CaBundle required: true schema: $ref: '#/definitions/CaBundle' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CaBundle' '201': description: Created schema: $ref: '#/definitions/CaBundle' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Adds or replaces a CA bundle tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate /infra/cabundles/{cabundle-id}/pem-file: get: consumes: - application/json description: | Downloads the specified PEM-encoded bundle of trusted CA certificates. operationId: GetCaBundlePemFile parameters: - description: |- ID of the CA bundle to retrieve in: path name: cabundle-id required: true type: string produces: - text/plain;charset=UTF-8 responses: '200': description: OK schema: type: string '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Downloads a CA bundle tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate /infra/capacity/dashboard/usage: get: consumes: - application/json description: |- Returns capacity usage data for NSX objects operationId: GetPolicyCapacityDashboardUsage parameters: - in: query name: category required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: true in: query name: force required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CapacityUsageResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns capacity usage data for NSX objects tags: - Policy - Monitoring - Capacity Dashboard x-vmw-nsx-module: PolicyCapacityDashboard /infra/capacity/threshold: get: consumes: - application/json description: |- Returns warning threshold(s) set for NSX Objects. operationId: GetPolicyCapacityThresholds produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CapacityThresholdList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns warning threshold(s) set for NSX Objects. tags: - Policy - Monitoring - Capacity Dashboard x-vmw-nsx-module: PolicyCapacityDashboard patch: consumes: - application/json description: | Updates the warning threshold(s) for NSX Objects specified, does not modify thresholds for any other objects. operationId: PatchPolicyCapacityThresholds parameters: - in: body name: CapacityThreshold required: true schema: $ref: '#/definitions/CapacityThreshold' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Updates the thresholds for specified NSX Objects. tags: - Policy - Monitoring - Capacity Dashboard x-vmw-nsx-module: PolicyCapacityDashboard put: consumes: - application/json description: | Updates the warning threshold(s) for NSX Objects specified, and returns new threshold(s). Threshold list in the request must contain value for GLOBAL_DEFAULT threshold_type which represents global thresholds. operationId: UpdatePolicyCapacityThresholds parameters: - in: body name: CapacityThresholdList required: true schema: $ref: '#/definitions/CapacityThresholdList' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CapacityThresholdList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Updates the warning threshold(s) for NSX Objects. tags: - Policy - Monitoring - Capacity Dashboard x-vmw-nsx-module: PolicyCapacityDashboard /infra/capacity/usage: get: consumes: - application/json description: |- Returns capacity usage data for NSX objects operationId: GetPolicyCapacityUsage parameters: - in: query name: category required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyCapacityUsageResponse' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns capacity usage data for NSX objects tags: - Policy - Monitoring - Capacity Dashboard x-vmw-nsx-module: PolicyCapacityDashboard /infra/certificates: get: consumes: - application/json description: | Returns all certificate information viewable by the user, including each certificate's id; pem_encoded data; and history of the certificate (who created or modified it and when). For additional information, include the ?details=true modifier at the end of the request URI. operationId: ListTlsCertificates parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: whether to expand the pem data and show all its details in: query name: details required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Type of certificate to return enum: - cluster_api_certificate in: query name: type required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCertificateList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Return All the User-Facing Components' Certificates tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate /infra/certificates/{certificate-id}: delete: consumes: - application/json description: | Removes the specified certificate. The private key associated with the certificate is also deleted. operationId: DeleteTlsCertificate parameters: - description: |- ID of certificate to delete in: path name: certificate-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Certificate for the Given Certificate ID tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate get: consumes: - application/json description: | Returns information for the specified certificate ID, including the certificate's id; pem_encoded data; and history of the certificate (who created or modified it and when). For additional information, include the ?details=true modifier at the end of the request URI. operationId: GetTlsCertificate parameters: - description: |- ID of certificate to read in: path name: certificate-id required: true type: string - default: false description: whether to expand the pem data and show all its details in: query name: details required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Show Certificate Data for the Given Certificate ID tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate patch: consumes: - application/json description: | Adds a new private-public certificate and, optionally, a private key that can be applied to one of the user-facing components (appliance management or edge). The certificate and the key should be stored in PEM format. If no private key is provided, the certificate is used as a client certificate in the trust store. A private key can be uploaded for a CA certificate only if the "purpose" parameter is set to "signing-ca". A certificate chain will not be expanded into separate certificate instances for reference, but would be pushed to the enforcement point as a single certificate. This patch method does not modify an existing certificate. operationId: PatchTlsCertificate parameters: - in: path name: certificate-id required: true type: string - in: body name: TlsTrustData required: true schema: $ref: '#/definitions/TlsTrustData' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Add a New Certificate tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate put: consumes: - application/json description: | Adds a new private-public certificate and, optionally, a private key that can be applied to one of the user-facing components (appliance management or edge). The certificate and the key should be stored in PEM format. If no private key is provided, the certificate is used as a client certificate in the trust store. A private key can be uploaded for a CA certificate only if the "purpose" parameter is set to "signing-ca". A certificate chain will not be expanded into separate certificate instances for reference, but would be pushed to the enforcement point as a single certificate. This PUT method does not modify an existing certificate. operationId: AddTlsCertificate parameters: - in: path name: certificate-id required: true type: string - in: body name: TlsTrustData required: true schema: $ref: '#/definitions/TlsTrustData' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Add a New Certificate tags: - Policy - Infra - Certificates - Certificates x-vmw-nsx-module: PolicyCertificate /infra/connectivity-global-config: get: consumes: - application/json description: | Read the connectivity global configuration operationId: ReadConnectivityGlobalConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GlobalConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the connectivity global configuration tags: - Policy - Networking - Networking Profiles - Global Gateway Configuration x-vmw-nsx-module: Policy patch: consumes: - application/json description: |- Update the connectivity global configuration operationId: PatchConnectivityGlobalConfig parameters: - in: body name: GlobalConfig required: true schema: $ref: '#/definitions/GlobalConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the connectivity global configuration tags: - Policy - Networking - Networking Profiles - Global Gateway Configuration x-vmw-nsx-module: Policy put: consumes: - application/json description: |- Update the connectivity global configuration operationId: UpdateConnectivityGlobalConfig parameters: - in: body name: GlobalConfig required: true schema: $ref: '#/definitions/GlobalConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GlobalConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the connectivity global configuration tags: - Policy - Networking - Networking Profiles - Global Gateway Configuration x-vmw-nsx-module: Policy /infra/constraints: get: consumes: - application/json description: |- List tenant constraints. operationId: ListTenantConstraints parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ConstraintListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List tenant Constraints. tags: - Policy - Infra - Constraints x-vmw-nsx-module: PolicyConstraints /infra/constraints/{constraint-id}: delete: consumes: - application/json description: |- Delete tenant constraint. operationId: DeleteTenantConstraint parameters: - in: path name: constraint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete tenant Constraint. tags: - Policy - Infra - Constraints x-vmw-nsx-module: PolicyConstraints get: consumes: - application/json description: |- Read tenant constraint. operationId: ReadTenantConstraint parameters: - in: path name: constraint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Constraint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read tenant Constraint. tags: - Policy - Infra - Constraints x-vmw-nsx-module: PolicyConstraints patch: consumes: - application/json description: | Create tenant constraint if not exists, otherwise update the existing constraint. operationId: PatchTenantConstraint parameters: - in: path name: constraint-id required: true type: string - in: body name: Constraint required: true schema: $ref: '#/definitions/Constraint' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update tenant Constraint tags: - Policy - Infra - Constraints x-vmw-nsx-module: PolicyConstraints put: consumes: - application/json description: | Create tenant constraint if it does not exist, otherwise replace the existing constraint. operationId: CreateOrReplaceTenantConstraint parameters: - in: path name: constraint-id required: true type: string - in: body name: Constraint required: true schema: $ref: '#/definitions/Constraint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Constraint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update tenant Constraint tags: - Policy - Infra - Constraints x-vmw-nsx-module: PolicyConstraints /infra/context-profiles: get: consumes: - application/json description: | Get all PolicyContextProfiles operationId: ListPolicyContextProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get PolicyContextProfiles tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile /infra/context-profiles/attributes: get: consumes: - application/json description: | Returns supported attribute and sub-attributes for specified attribute key with their supported values, if provided in query/request parameter, else will fetch all supported attributes and sub-attributes for all supported attribute keys. Alternatively, to get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes operationId: ListProfileSupportedAttributes parameters: - description: Fetch attributes and sub-attributes for the given attribute key in: query name: attribute_key required: false type: string - default: SYSTEM description: Source of the attribute, System Defined or custom enum: - ALL - CUSTOM - SYSTEM in: query name: attribute_source required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Policy Context Profile supported attributes and sub-attributes tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile /infra/context-profiles/custom-attributes: patch: consumes: - application/json description: | This API updates custom attribute value list for given key. operationId: PatchCustomAttributeList parameters: - in: body name: PolicyAttributes required: true schema: $ref: '#/definitions/PolicyAttributes' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update custom object attribute value list for given attribute key tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile post: consumes: - application/json description: | This API adds/removes custom attribute values from list for a given attribute key. operationId: AddRemoveCustomAttributeValues parameters: - in: body name: PolicyAttributes required: true schema: $ref: '#/definitions/PolicyAttributes' - description: Add or Remove Custom Context Profile Attribute values. enum: - add - remove in: query name: action required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Adds/Removes custom attribute values from list tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile /infra/context-profiles/custom-attributes/default: get: consumes: - application/json description: | This API updates custom attribute value list for given key. operationId: GetCustomAttribute parameters: - description: Fetch attributes and sub-attributes for the given attribute key in: query name: attribute_key required: false type: string - default: SYSTEM description: Source of the attribute, System Defined or custom enum: - ALL - CUSTOM - SYSTEM in: query name: attribute_source required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update custom object attribute value list for given attribute key tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile patch: consumes: - application/json description: | This API updates custom attribute value list for given key. operationId: PatchCustomAttribute parameters: - in: body name: PolicyCustomAttributes required: true schema: $ref: '#/definitions/PolicyCustomAttributes' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update custom object attribute value list for given attribute key tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile post: consumes: - application/json description: | This API adds/removes custom attribute values from list for a given attribute key. operationId: AddRemoveCustomAttribute parameters: - in: body name: PolicyCustomAttributes required: true schema: $ref: '#/definitions/PolicyCustomAttributes' - description: Add or Remove Custom Context Profile Attribute values. enum: - add - remove in: query name: action required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Adds/Removes custom attribute values from list tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile /infra/context-profiles/{context-profile-id}: delete: consumes: - application/json description: | Deletes the specified Policy Context Profile. If the Policy Context Profile is consumed in a firewall rule, it won't get deleted. operationId: DeletePolicyContextProfile parameters: - description: |- Policy Context Profile Id in: path name: context-profile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean - default: false description: Delete the locally overriden global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Policy Context Profile tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile get: consumes: - application/json description: | Get a single PolicyContextProfile by id operationId: GetPolicyContextProfile parameters: - in: path name: context-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get PolicyContextProfile tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile patch: consumes: - application/json description: | Creates/Updates a PolicyContextProfile, which encapsulates attribute and sub-attributes of network services. Rules for using attributes and sub-attributes in single PolicyContextProfile 1. One type of attribute can't have multiple occurrences. ( Eg. - Attribute type APP_ID can be used only once per PolicyContextProfile.) 2. For specifying multiple values for an attribute, provide them in an array. 3. If sub-attribtes are mentioned for an attribute, then only single value is allowed for that attribute. 4. To get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes operationId: PatchCreateOrUpdatePolicyContextProfile parameters: - in: path name: context-profile-id required: true type: string - in: body name: PolicyContextProfile required: true schema: $ref: '#/definitions/PolicyContextProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create PolicyContextProfile tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile put: consumes: - application/json description: | Creates/Updates a PolicyContextProfile, which encapsulates attribute and sub-attributes of network services. Rules for using attributes and sub-attributes in single PolicyContextProfile 1. One type of attribute can't have multiple occurrences. ( Eg. - Attribute type APP_ID can be used only once per PolicyContextProfile.) 2. For specifying multiple values for an attribute, provide them in an array. 3. If sub-attribtes are mentioned for an attribute, then only single value is allowed for that attribute. 4. To get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes operationId: PutCreateOrUpdatePolicyContextProfile parameters: - in: path name: context-profile-id required: true type: string - in: body name: PolicyContextProfile required: true schema: $ref: '#/definitions/PolicyContextProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create PolicyContextProfile tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: PolicyContextProfile /infra/crls: get: consumes: - application/json description: | Returns information about all CRLs. For additional information, include the ?details=true modifier at the end of the request URI. operationId: ListTlsCrls parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: whether to expand the pem data and show all its details in: query name: details required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Type of certificate to return enum: - cluster_api_certificate in: query name: type required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCrlListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Return All Added CRLs tags: - Policy - Infra - Certificates - Certification Revocation List x-vmw-nsx-module: PolicyCertificate /infra/crls/{crl-id}: delete: consumes: - application/json description: |- Deletes an existing CRL. operationId: DeleteTlsCrl parameters: - in: path name: crl-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a CRL tags: - Policy - Infra - Certificates - Certification Revocation List x-vmw-nsx-module: PolicyCertificate get: consumes: - application/json description: | Returns information about the specified CRL. For additional information, include the ?details=true modifier at the end of the request URI. operationId: GetTlsCrl parameters: - in: path name: crl-id required: true type: string - default: false description: whether to expand the pem data and show all its details in: query name: details required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCrl' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Show CRL Data for the Given CRL id. tags: - Policy - Infra - Certificates - Certification Revocation List x-vmw-nsx-module: PolicyCertificate patch: consumes: - application/json description: | Create or patch a Certificate Revocation List for the given id. The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. The CRL must contain PEM data for a single CRL. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the presence of fields pem_encoded or one_crl. operationId: CreateOrPatchTlsCrl parameters: - in: path name: crl-id required: true type: string - in: body name: TlsCrl required: true schema: $ref: '#/definitions/TlsCrl' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch a Certificate Revocation List tags: - Policy - Infra - Certificates - Certification Revocation List x-vmw-nsx-module: PolicyCertificate put: consumes: - application/json description: | Create or replace a Certificate Revocation List for the given id. The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. The CRL must contain PEM data for a single CRL. Revision is required. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the presence of fields pem_encoded or one_crl. operationId: CreateOrUpdateTlsCrl parameters: - in: path name: crl-id required: true type: string - in: body name: TlsCrl required: true schema: $ref: '#/definitions/TlsCrl' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCrl' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace a Certificate Revocation List tags: - Policy - Infra - Certificates - Certification Revocation List x-vmw-nsx-module: PolicyCertificate /infra/crls/{crl-id}?action=import: post: consumes: - application/json description: | Adds a new certificate revocation list (CRLs). The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the presence of fields pem_encoded or one_crl. An X.509 CRL can contain a single CRL or multiple CRLs depending on the PEM data. - Single CRL: a single CRL is created with the given id. - Composite CRL: multiple CRLs are generated. Each of the CRL is created with an id generated based on the given id. First CRL is created with crl-id, second with crl-id-1, third with crl-id-2, etc. operationId: CreateTlsCrl parameters: - in: path name: crl-id required: true type: string - in: body name: TlsCrl required: true schema: $ref: '#/definitions/TlsCrl' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/TlsCrlListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a new Certificate Revocation List tags: - Policy - Infra - Certificates - Certification Revocation List x-vmw-nsx-module: PolicyCertificate /infra/crls/{crl-id}?action=upload: post: consumes: - multipart/form-data description: | Adds or replaces a certificate revocation list (CRLs). The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. A CRL can be in the PEM X.509 format (crl_type=X509) or JSON OneCRL (crl_type=OneCRL). If crl_type is not specified, it is auto-detected based on the upload content. An X.509 CRL can contain a single CRL or multiple CRLs depending on the PEM data. - Single CRL: a single CRL is created with the given id. - Composite CRL: multiple CRLs are generated. Each of the CRL is created with an id generated based on the given id. First CRL is created with crl-id, second with crl-id-1, third with crl-id-2, etc. Differently from action=import, this method allows multi-part upload of the CRL(s). The TlsCrl resource returned in the body of the response will have an empty pem_encoded field, as it may be large. Use a GET request to retrieve the PEM-encoded CRL. operationId: UploadTlsCrl parameters: - in: path name: crl-id required: true type: string - default: X509 description: Type of CRL enum: - OneCRL - X509 in: query name: crl_type required: false type: string - description: Description of this resource in: query maxLength: 1024 name: description type: string - description: Identifier to use when displaying entity in logs or GUI in: query maxLength: 255 name: display_name type: string - description: File to be uploaded in: formData name: file required: true type: file produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCrl' '201': description: Created schema: $ref: '#/definitions/TlsCrl' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Upload a new or updated Certificate Revocation List tags: - Policy - Infra - Certificates - Certification Revocation List x-vmw-nsx-module: PolicyCertificate /infra/csrs: get: consumes: - application/json description: |- Returns information about all of the CSRs that have been created. operationId: ListTlsCsrs parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCsrListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Return All the Generated CSRs tags: - Policy - Infra - Certificates - CSR x-vmw-nsx-module: PolicyCertificate /infra/csrs/{csr-id}: delete: consumes: - application/json description: | Removes a specified CSR. If a CSR is not used for verification, you can delete it. Note that the CSR import and upload POST actions automatically delete the associated CSR. operationId: DeleteTlsCsr parameters: - description: |- ID of CSR to delete in: path name: csr-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a CSR tags: - Policy - Infra - Certificates - CSR x-vmw-nsx-module: PolicyCertificate get: consumes: - application/json description: |- Returns information about the specified CSR. operationId: GetTlsCsr parameters: - description: |- ID of CSR to read in: path name: csr-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsCsr' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Show CSR Data for the Given CSR ID tags: - Policy - Infra - Certificates - CSR x-vmw-nsx-module: PolicyCertificate /infra/csrs/{csr-id}/pem-file: get: consumes: - application/json description: |- Downloads the CSR PEM file for a specified CSR. Clients must include an Accept: text/plain request header. operationId: GetTlsCsrPem parameters: - description: |- ID of CSR to read in: path name: csr-id required: true type: string produces: - text/plain;charset=UTF-8 responses: '200': description: OK schema: type: string '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get CSR PEM File for the Given CSR ID tags: - Policy - Infra - Certificates - CSR x-vmw-nsx-module: PolicyCertificate /infra/csrs/{csr-id}?action=create: post: consumes: - application/json description: | Creates a new certificate signing request (CSR). A CSR is encrypted text that contains information about your organization (organization name, country, and so on) and your Web server's public key, which is a public certificate the is generated on the server that can be used to forward this request to a certificate authority (CA). A private key is also usually created at the same time as the CSR. operationId: GenerateTlsCsr parameters: - description: |- ID of CSR to create in: path name: csr-id required: true type: string - in: body name: TlsCsr required: true schema: $ref: '#/definitions/TlsCsr' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/TlsCsr' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Generate a New Certificate Signing Request tags: - Policy - Infra - Certificates - CSR x-vmw-nsx-module: PolicyCertificate /infra/csrs/{csr-id}?action=import: post: consumes: - application/json description: | Imports a certificate authority (CA)-signed certificate for a CSR. This action links the certificate to the private key created by the CSR. The pem_encoded string in the request body is the signed certificate provided by your CA in response to the CSR that you provide to them. The import POST action automatically deletes the associated CSR. operationId: ImportSignedTlsCertificate parameters: - description: |- CSR this certificate is associated with in: path name: csr-id required: true type: string - in: body name: TlsTrustData required: true schema: $ref: '#/definitions/TlsTrustData' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/TlsCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Import a Certificate Associated with an Approved CSR tags: - Policy - Infra - Certificates - CSR x-vmw-nsx-module: PolicyCertificate /infra/csrs/{csr-id}?action=self_sign: post: consumes: - application/json description: | Self-signs the previously generated CSR. This action is similar to the import certificate action, but instead of using a public certificate signed by a CA, the self_sign POST action uses a certificate that is signed with NSX's own private key. For validity of non-CA certificates, if a value greater than 825 days is provided, it will be set to 825 days. No limit is set for CA certificates. operationId: SelfSignTlsCertificate parameters: - description: |- CSR this certificate is associated with in: path name: csr-id required: true type: string - default: 825 description: Number of days the certificate will be valid, default 825 days format: int64 in: query maximum: 10000 minimum: 1 name: days_valid required: true type: integer produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/TlsCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Self-Sign the CSR tags: - Policy - Infra - Certificates - CSR x-vmw-nsx-module: PolicyCertificate /infra/csrs/{csr-id}?action=upload: post: consumes: - multipart/form-data description: | Uploads the certificate authority (CA)-signed certificate. After you send the certificate request to the CA of your choice, and the CA sends back the signed certificate, you can use the upload POST action to upload the signed certificate. The upload action is similar to the import action, but the upload action allows you to directly upload the PEM-encoded file (signed certificate) provided by the CA. Like the import POST action, the upload POST action automatically deletes the associated CSR. operationId: UploadPemSignedTlsCertificate parameters: - description: |- ID of the CSR to read in: path name: csr-id required: true type: string - description: Description of this resource in: query maxLength: 1024 name: description type: string - description: Identifier to use when displaying entity in logs or GUI in: query maxLength: 255 name: display_name type: string - description: File to be uploaded in: formData name: file required: true type: file produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/TlsCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Upload the Certificate PEM File Signed by the CA Associated with a CSR tags: - Policy - Infra - Certificates - CSR x-vmw-nsx-module: PolicyCertificate /infra/csrs?action=self_sign: post: consumes: - application/json description: | Creates a new self-signed certificate. A private key is also created at the same time. This is convenience call that will generate a CSR and then self-sign it. For validity of non-CA certificates, if a value greater than 825 days is provided, it will be set to 825 days. No limit is set for CA certificates. operationId: GenerateSelfSignedTlsCertificate parameters: - in: body name: TlsCsrWithDaysValid required: true schema: $ref: '#/definitions/TlsCsrWithDaysValid' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/TlsCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Generate a new self-signed certificate tags: - Policy - Infra - Certificates - CSR x-vmw-nsx-module: PolicyCertificate /infra/deployment-zones: get: consumes: - application/json description: | Paginated list of all Deployment zones for infra. This is a deprecated API. DeploymentZone has been renamed to Site. Use GET /infra/sites. operationId: ListDeploymentZonesForInfra parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentZoneListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Deployment Zones for infra tags: - Policy - Infra - Deployment Zones x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/deployment-zones/{deployment-zone-id}: get: consumes: - application/json description: | Read a Deployment Zone. This is a deprecated API. DeploymentZone has been renamed to Site. Use GET /infra/sites/site-id. operationId: ReadDeploymentZoneInfra parameters: - in: path name: deployment-zone-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentZone' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a DeploymentZone tags: - Policy - Infra - Deployment Zones x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/deployment-zones/{deployment-zone-id}/enforcement-points: get: consumes: - application/json description: | Paginated list of all enforcementpoints for infra. This is a deprecated API. DeploymentZone has been renamed to Site. Use GET /infra/sites/site-id/enforcement-points. operationId: ListEnforcementPointForInfra parameters: - in: path name: deployment-zone-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EnforcementPointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List enforcementpoints for infra tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/deployment-zones/{deployment-zone-id}/enforcement-points/{enforcementpoint-id}: delete: consumes: - application/json description: | Delete EnforcementPoint. This is a deprecated API. DeploymentZone has been renamed to Site. Use DELETE /infra/sites/site-id/enforcement-points/enforcementpoint-id. operationId: DeleteEnforcementPoint parameters: - in: path name: deployment-zone-id required: true type: string - in: path name: enforcementpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete EnforcementPoint tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement get: consumes: - application/json description: | Read an Enforcement Point. This is a deprecated API. DeploymentZone has been renamed to Site. Use GET /infra/sites/site-id/enforcement-points/enforcementpoint-id. operationId: ReadEnforcementPointForInfra parameters: - in: path name: deployment-zone-id required: true type: string - in: path name: enforcementpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EnforcementPoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement patch: consumes: - application/json description: | If the passed Enforcement Point does not already exist, create a new Enforcement Point. If it already exists, patch it. This is a deprecated API. DeploymentZone has been renamed to Site. Use PATCH /infra/sites/site-1/enforcement-points/enforcementpoint-1. operationId: PatchEnforcementPointForInfra parameters: - in: path name: deployment-zone-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: body name: EnforcementPoint required: true schema: $ref: '#/definitions/EnforcementPoint' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a new Enforcement Point under infra tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement put: consumes: - application/json description: | If the passed Enforcement Point does not already exist, create a new Enforcement Point. If it already exists, replace it. This is a deprecated API. DeploymentZone has been renamed to Site. Use PUT /infra/sites/site-id/enforcement-points/enforcementpoint-id. operationId: CreateOrUpdateEnforcementPointForInfra parameters: - in: path name: deployment-zone-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: body name: EnforcementPoint required: true schema: $ref: '#/definitions/EnforcementPoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EnforcementPoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create/update a new Enforcement Point under infra tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/dhcp-relay-configs: get: consumes: - application/json description: | Paginated list of all DHCP relay config instances operationId: ListDhcpRelayConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpRelayConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List DHCP relay config instances tags: - Policy - Networking - IP Management - DHCP - DHCP Relay Configs x-vmw-nsx-module: PolicyConnectivity /infra/dhcp-relay-configs/{dhcp-relay-config-id}: delete: consumes: - application/json description: |- Delete DHCP relay configuration operationId: DeleteDhcpRelayConfig parameters: - description: |- DHCP relay config ID in: path name: dhcp-relay-config-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DHCP relay configuration tags: - Policy - Networking - IP Management - DHCP - DHCP Relay Configs x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read DHCP relay configuration operationId: ReadDhcpRelayConfig parameters: - description: |- DHCP relay config ID in: path name: dhcp-relay-config-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpRelayConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP relay configuration tags: - Policy - Networking - IP Management - DHCP - DHCP Relay Configs x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If DHCP relay config with the dhcp-relay-config-id is not already present, create a new DHCP relay config instance. If it already exists, update the DHCP relay config instance with specified attributes. operationId: PatchDhcpRelayConfig parameters: - description: |- DHCP relay config ID in: path name: dhcp-relay-config-id required: true type: string - in: body name: DhcpRelayConfig required: true schema: $ref: '#/definitions/DhcpRelayConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DHCP relay configuration tags: - Policy - Networking - IP Management - DHCP - DHCP Relay Configs x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If DHCP relay config with the dhcp-relay-config-id is not already present, create a new DHCP relay config instance. If it already exists, replace the DHCP relay config instance with this object. operationId: CreateOrReplaceDhcpRelayConfig parameters: - description: |- DHCP relay config ID in: path name: dhcp-relay-config-id required: true type: string - in: body name: DhcpRelayConfig required: true schema: $ref: '#/definitions/DhcpRelayConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpRelayConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DHCP relay configuration tags: - Policy - Networking - IP Management - DHCP - DHCP Relay Configs x-vmw-nsx-module: PolicyConnectivity /infra/dhcp-server-configs: get: consumes: - application/json description: | Paginated list of all DHCP server config instances operationId: ListDhcpServerConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List DHCP server config instances tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivity /infra/dhcp-server-configs/{config-id}/leases: get: consumes: - application/json description: |- Read DHCP server leases operationId: ReadDhcpServerLeases parameters: - in: path name: config-id required: true type: string - description: IP or MAC address in: query name: address required: false type: string - description: String Path of Tier0, Tier1 or Segment in: query name: connectivity_path required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Segment path to retrieve lease information in: query name: segment_path required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpLeasesResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP server leases tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivityStatistics /infra/dhcp-server-configs/{config-id}/state: get: consumes: - application/json description: |- Read DHCP server state operationId: ReadDhcpServerState parameters: - in: path name: config-id required: true type: string - description: String Path of Tier0, Tier1 or Segment in: query name: connectivity_path required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP server state tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivityStatistics /infra/dhcp-server-configs/{config-id}/stats: get: consumes: - application/json description: |- Read DHCP server statistics operationId: ReadDhcpServerStats parameters: - in: path name: config-id required: true type: string - description: String Path of Tier0, Tier1 or Segment in: query name: connectivity_path required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP server statistics tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivityStatistics /infra/dhcp-server-configs/{config-id}/status: get: consumes: - application/json description: |- Read DHCP server status operationId: ReadDhcpServerStatus parameters: - in: path name: config-id required: true type: string - description: String Path of Tier0, Tier1 or Segment in: query name: connectivity_path required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP server status tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivityStatistics /infra/dhcp-server-configs/{dhcp-server-config-id}: delete: consumes: - application/json description: |- Delete DHCP server configuration operationId: DeleteDhcpServerConfig parameters: - description: |- DHCP server config ID in: path name: dhcp-server-config-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DHCP server configuration tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read DHCP server configuration operationId: ReadDhcpServerConfig parameters: - description: |- DHCP server config ID in: path name: dhcp-server-config-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP server configuration tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If DHCP server config with the dhcp-server-config-id is not already present, create a new DHCP server config instance. If it already exists, update the DHCP server config instance with specified attributes. Realized entities of this API can be found using the path of Tier-0, Tier1, or Segment where this config is applied on. Modification of edge_cluster_path in DhcpServerConfig will lose all existing DHCP leases. If both the preferred_edge_paths in the DhcpServerConfig are changed in a same PATCH API, e.g. change from [a,b] to [x,y], the current DHCP server leases will be lost, which could cause network connectivity issues. It is recommended to change only one member index in an update call, e.g. from [a, b] to [a,y]. Clearing preferred_edge_paths will not reassign edge nodes from the edge cluster. Instead, the previously-allocated edge nodes will be retained to avoid loss of leases. operationId: PatchDhcpServerConfig parameters: - description: |- DHCP server config ID in: path name: dhcp-server-config-id required: true type: string - in: body name: DhcpServerConfig required: true schema: $ref: '#/definitions/DhcpServerConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DHCP server configuration tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If DHCP server config with the dhcp-server-config-id is not already present, create a new DHCP server config instance. If it already exists, replace the DHCP server config instance with this object. Realized entities of this API can be found using the path of Tier-0, Tier1, or Segment where this config is applied on. Modification of edge_cluster_path in DhcpServerConfig will lose all existing DHCP leases. If both the preferred_edge_paths in the DhcpServerConfig are changed in a same PUT API, e.g. change from [a,b] to [x,y], the current DHCP server leases will be lost, which could cause network connectivity issues. It is recommended to change only one member index in an update call, e.g. from [a, b] to [a,y]. Clearing preferred_edge_paths will not reassign edge nodes from the edge cluster. Instead, the previously-allocated edge nodes will be retained to avoid loss of leases. operationId: CreateOrReplaceDhcpServerConfig parameters: - description: |- DHCP server config ID in: path name: dhcp-server-config-id required: true type: string - in: body name: DhcpServerConfig required: true schema: $ref: '#/definitions/DhcpServerConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpServerConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DHCP server configuration tags: - Policy - Networking - IP Management - DHCP - DHCP Server Configs x-vmw-nsx-module: PolicyConnectivity /infra/dns-forwarder-zones: get: consumes: - application/json description: | Paginated list of all Dns Forwarder Zones operationId: ListPolicyDnsForwarderZone parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarderZoneListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Dns Forwarder Zones tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - DNS Zones x-vmw-nsx-module: PolicyDnsForwarder /infra/dns-forwarder-zones/{dns-forwarder-zone-id}: delete: consumes: - application/json description: |- Delete the DNS Forwarder Zone operationId: DeletePolicyDnsForwarderZone parameters: - description: |- DNS Forwarder Zone ID in: path name: dns-forwarder-zone-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete the DNS Forwarder Zone tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - DNS Zones x-vmw-nsx-module: PolicyDnsForwarder get: consumes: - application/json description: |- Read the DNS Forwarder Zone operationId: ReadPolicyDnsForwarderZone parameters: - description: |- DNS Forwarder Zone ID in: path name: dns-forwarder-zone-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarderZone' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the DNS Forwarder Zone tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - DNS Zones x-vmw-nsx-module: PolicyDnsForwarder patch: consumes: - application/json description: |- Create or update the DNS Forwarder Zone operationId: PatchPolicyDnsForwarderZone parameters: - description: |- DNS Forwarder Zone ID in: path name: dns-forwarder-zone-id required: true type: string - in: body name: PolicyDnsForwarderZone required: true schema: $ref: '#/definitions/PolicyDnsForwarderZone' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update the DNS Forwarder Zone tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - DNS Zones x-vmw-nsx-module: PolicyDnsForwarder put: consumes: - application/json description: |- Create or update the DNS Forwarder Zone operationId: UpdatePolicyDnsForwarderZone parameters: - description: |- DNS Forwarder Zone ID in: path name: dns-forwarder-zone-id required: true type: string - in: body name: PolicyDnsForwarderZone required: true schema: $ref: '#/definitions/PolicyDnsForwarderZone' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarderZone' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update the DNS Forwarder Zone tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - DNS Zones x-vmw-nsx-module: PolicyDnsForwarder /infra/dns-security-profiles: get: consumes: - application/json description: |- List all DNS security profiles operationId: ListDnsSecurityProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all DNS security profiles tags: - Policy - Security - Security Profiles - DNS Security Profiles x-vmw-nsx-module: PolicyProfile /infra/dns-security-profiles/{profile-id}: delete: consumes: - application/json description: |- Delete DNS security profile operationId: DeleteDnsSecurityProfile parameters: - in: path name: profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DNS security profile tags: - Policy - Security - Security Profiles - DNS Security Profiles x-vmw-nsx-module: PolicyProfile get: consumes: - application/json description: |- Read the DNS Forwarder for the given tier-0 instance operationId: ReadDnsSecurityProfile parameters: - in: path name: profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the DNS Forwarder for the given tier-0 instance tags: - Policy - Security - Security Profiles - DNS Security Profiles x-vmw-nsx-module: PolicyProfile patch: consumes: - application/json description: |- Create or update DNS security profile operationId: PatchDnsSecurityProfile parameters: - in: path name: profile-id required: true type: string - in: body name: DnsSecurityProfile required: true schema: $ref: '#/definitions/DnsSecurityProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DNS security profile tags: - Policy - Security - Security Profiles - DNS Security Profiles x-vmw-nsx-module: PolicyProfile put: consumes: - application/json description: |- Create or update DNS security profile operationId: UpdateDnsSecurityProfile parameters: - in: path name: profile-id required: true type: string - in: body name: DnsSecurityProfile required: true schema: $ref: '#/definitions/DnsSecurityProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DNS security profile tags: - Policy - Security - Security Profiles - DNS Security Profiles x-vmw-nsx-module: PolicyProfile /infra/domains: get: consumes: - application/json description: | Paginated list of all domains for infra. operationId: ListDomainForInfra parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DomainListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List domains for infra tags: - Policy - Infra - Domains - Domain x-vmw-nsx-module: Policy /infra/domains/endpoint-policies: get: consumes: - application/json description: | List all Endpoint policies across all domains ordered by precedence. operationId: ListEndpointPoliciesAcrossAllDomains parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EndpointPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Endpoint policies tags: - Policy - Security - Endpoint Protection - Rules x-vmw-nsx-module: PolicyGuestIntrospection /infra/domains/firewall-flood-protection-profile-binding-maps: get: consumes: - application/json description: | API will list all Firewall Flood Protection Profile Binding Maps across all domains. This API returns the binding maps order by the sequence number. operationId: ListFirewallFloodProtectionBindingsAcrossDomains parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallFloodProtectionProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall Flood Protection Profile Binding Maps for all domains tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding /infra/domains/firewall-session-timer-profile-binding-maps: get: consumes: - application/json description: | API will list all Firewall Session Timer Profile Binding Maps across all domains. This API returns the binding maps order by the sequence number. operationId: ListFirewallSessionTimerBindingsAcrossDomains parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall Session Timer Profile Binding Maps for all domains tags: - Policy - Security - Security Profiles - Session Timer Profile Bindings x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding /infra/domains/redirection-policies: get: consumes: - application/json description: | List all redirection policys across all domains ordered by precedence. operationId: ListRedirectionPoliciesAcrossAllDomains parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RedirectionPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List redirection policys tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion /infra/domains/{domain-id}: delete: consumes: - application/json description: | Delete the domain along with all the entities contained by this domain. The groups that are a part of this domain are also deleted along with the domain. operationId: DeleteDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Domain and all the entities contained by this domain tags: - Policy - Infra - Domains - Domain x-vmw-nsx-module: Policy get: consumes: - application/json description: | Read a domain. operationId: ReadDomainForInfra parameters: - description: |- Domain ID in: path name: domain-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Domain' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read domain tags: - Policy - Infra - Domains - Domain x-vmw-nsx-module: Policy patch: consumes: - application/json description: | If a domain with the domain-id is not already present, create a new domain. If it already exists, patch the domain operationId: PatchDomainForInfra parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - in: body name: Domain required: true schema: $ref: '#/definitions/Domain' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a domain tags: - Policy - Infra - Domains - Domain x-vmw-nsx-module: Policy put: consumes: - application/json description: | If a domain with the domain-id is not already present, create a new domain. If it already exists, update the domain including the nested groups. This is a full replace operationId: UpdateDomainForInfra parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - in: body name: Domain required: true schema: $ref: '#/definitions/Domain' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Domain' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a domain tags: - Policy - Infra - Domains - Domain x-vmw-nsx-module: Policy /infra/domains/{domain-id}/communication-maps: get: consumes: - application/json description: | List all communication maps for a domain. This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies operationId: ListCommunicationMapsForDomain parameters: - in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunicationMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List communication maps tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw /infra/domains/{domain-id}/communication-maps/{communication-map-id}: delete: consumes: - application/json description: | Deletes the communication map along with all the communication entries This API is deprecated. Please use the following API instead. DELETE /infra/domains/domain-id/security-policies/security-policy-id operationId: DeleteCommunicationMapForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Deletes a communication map from this domain tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw get: consumes: - application/json description: | Read communication-map for a domain. This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies/security-policy-id operationId: ReadCommunicationMapForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunicationMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read communication-map tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw patch: consumes: - application/json description: | Patch the communication map for a domain. If a communication map for the given communication-map-id is not present, the object will get created and if it is present it will be updated. This is a full replace This API is deprecated. Please use the following API instead. PATCH /infra/domains/domain-id/security-policies/security-policy-id operationId: PatchCommunicationMapForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string - in: body name: CommunicationMap required: true schema: $ref: '#/definitions/CommunicationMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch communication map tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw put: consumes: - application/json description: | Create or Update the communication map for a domain. This is a full replace. All the CommunicationEntries are replaced. This API is deprecated. Please use the following API instead. PUT /infra/domains/domain-id/security-policies/security-policy-id operationId: UpdateCommunicationMapForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string - in: body name: CommunicationMap required: true schema: $ref: '#/definitions/CommunicationMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunicationMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update communication map tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw /infra/domains/{domain-id}/communication-maps/{communication-map-id}/communication-entries: get: consumes: - application/json description: | List CommunicationEntries This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies/security-policy-id/rules operationId: ListCommunicationEntry parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunicationEntryListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List CommunicationEntries tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw /infra/domains/{domain-id}/communication-maps/{communication-map-id}/communication-entries/{communication-entry-id}: delete: consumes: - application/json description: | Delete CommunicationEntry This API is deprecated. Please use the following API instead. DELETE /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id operationId: DeleteCommunicationEntry parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string - in: path name: communication-entry-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete CommunicationEntry tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw get: consumes: - application/json description: | Read CommunicationEntry This API is deprecated. Please use the following API instead. GET /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id operationId: ReadCommunicationEntry parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string - in: path name: communication-entry-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunicationEntry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read CommunicationEntry tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw patch: consumes: - application/json description: "Patch the CommunicationEntry. If a communication entry for the\ \ given\ncommunication-entry-id is not present, the object will get created\ \ and if\nit is present it will be updated. This is a full replace \nThis\ \ API is deprecated. Please use the following API instead.\nPATCH /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id\n" operationId: PatchCommunicationEntry parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string - in: path name: communication-entry-id required: true type: string - in: body name: CommunicationEntry required: true schema: $ref: '#/definitions/CommunicationEntry' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a CommunicationEntry tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw put: consumes: - application/json description: | Update the CommunicationEntry. If a CommunicationEntry with the communication-entry-id is not already present, this API fails with a 404. Creation of CommunicationEntries is not allowed using this API. This API is deprecated. Please use the following API instead PUT /infra/domains/domain-id/security-policies/securit-policy-id/rules/rule-id operationId: UpdateCommunicationEntry parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string - in: path name: communication-entry-id required: true type: string - in: body name: CommunicationEntry required: true schema: $ref: '#/definitions/CommunicationEntry' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunicationEntry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a CommunicationEntry tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw ? /infra/domains/{domain-id}/communication-maps/{communication-map-id}/communication-entries/{communication-entry-id}?action=revise : post: consumes: - application/json description: | This is used to re-order a communictation entry within a communication map. This API is deprecated. Please use the following API instead. POST /infra/domains/domain-id/security-policies/security-policy-id/rules/rule-id?action=revise operationId: ReviseCommunicationEntry parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string - in: path name: communication-entry-id required: true type: string - in: body name: CommunicationEntry required: true schema: $ref: '#/definitions/CommunicationEntry' - description: 'The communication map/communication entry path if operation is ''insert_after'' or ''insert_before'' ' in: query name: anchor_path required: false type: string - default: insert_top description: Operation enum: - insert_top - insert_bottom - insert_after - insert_before in: query name: operation required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunicationEntry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Revise the positioning of communication entry tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw /infra/domains/{domain-id}/communication-maps/{communication-map-id}?action=revise: post: consumes: - application/json description: | This is used to set a precedence of a communication map w.r.t others. This API is deprecated. Please use the following API instead. POST /infra/domains/domain-id/security-policies/security-policy-id?action=revise operationId: ReviseCommunicationMaps parameters: - in: path name: domain-id required: true type: string - in: path name: communication-map-id required: true type: string - in: body name: CommunicationMap required: true schema: $ref: '#/definitions/CommunicationMap' - description: 'The communication map/communication entry path if operation is ''insert_after'' or ''insert_before'' ' in: query name: anchor_path required: false type: string - default: insert_top description: Operation enum: - insert_top - insert_bottom - insert_after - insert_before in: query name: operation required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunicationMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Revise the positioning of communication maps tags: - Policy - Security - East West Security - Distributed Firewall - Communication Maps x-vmw-nsx-module: PolicyDfw /infra/domains/{domain-id}/domain-deployment-maps: get: consumes: - application/json description: | Paginated list of all Domain Deployment Entries for infra. operationId: ListDomainDeploymentMapsForInfra parameters: - in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DomainDeploymentMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Domain Deployment maps for infra tags: - Policy - Infra - Domains - Domain Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/domains/{domain-id}/domain-deployment-maps/{domain-deployment-map-id}: delete: consumes: - application/json description: |- Delete Domain Deployment Map operationId: DeleteDomainDeploymentMap parameters: - in: path name: domain-id required: true type: string - in: path name: domain-deployment-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Domain Deployment Map tags: - Policy - Infra - Domains - Domain Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement get: consumes: - application/json description: | Read a Domain Deployment Map operationId: ReadDomainDeploymentMapForInfra parameters: - in: path name: domain-id required: true type: string - in: path name: domain-deployment-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DomainDeploymentMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a DomainDeploymentMap tags: - Policy - Infra - Domains - Domain Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement patch: consumes: - application/json description: | If the passed Domain Deployment Map does not already exist, create a new Domain Deployment Map. If it already exist, patch it. operationId: PatchDomainDeploymentMapForInfra parameters: - in: path name: domain-id required: true type: string - in: path name: domain-deployment-map-id required: true type: string - in: body name: DomainDeploymentMap required: true schema: $ref: '#/definitions/DomainDeploymentMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch Domain Deployment Map under infra tags: - Policy - Infra - Domains - Domain Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement put: consumes: - application/json description: | If the passed Domain Deployment Map does not already exist, create a new Domain Deployment Map. If it already exist, replace it. operationId: CreateOrUpdateDomainDeploymentMapForInfra parameters: - in: path name: domain-id required: true type: string - in: path name: domain-deployment-map-id required: true type: string - in: body name: DomainDeploymentMap required: true schema: $ref: '#/definitions/DomainDeploymentMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DomainDeploymentMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a new Domain Deployment Map under infra tags: - Policy - Infra - Domains - Domain Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/domains/{domain-id}/endpoint-policies/{endpoint-policy-id}: delete: consumes: - application/json description: |- Delete Endpoint policy. operationId: DeleteEndpointPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Endpoint policy id in: path name: endpoint-policy-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Endpoint policy tags: - Policy - Security - Endpoint Protection - Rules x-vmw-nsx-module: PolicyGuestIntrospection get: consumes: - application/json description: | Read Endpoint policy. operationId: ReadEndpointPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Endpoint policy id in: path name: endpoint-policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EndpointPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Endpoint policy tags: - Policy - Security - Endpoint Protection - Rules x-vmw-nsx-module: PolicyGuestIntrospection patch: consumes: - application/json description: | Create or update the Endpoint policy. operationId: PatchEndpointPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Endpoint policy id in: path name: endpoint-policy-id required: true type: string - in: body name: EndpointPolicy required: true schema: $ref: '#/definitions/EndpointPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Endpoint policy tags: - Policy - Security - Endpoint Protection - Rules x-vmw-nsx-module: PolicyGuestIntrospection put: consumes: - application/json description: | Create or update the Endpoint policy. operationId: CreateOrUpdateEndpointPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Endpoint policy id in: path name: endpoint-policy-id required: true type: string - in: body name: EndpointPolicy required: true schema: $ref: '#/definitions/EndpointPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EndpointPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Endpoint policy tags: - Policy - Security - Endpoint Protection - Rules x-vmw-nsx-module: PolicyGuestIntrospection /infra/domains/{domain-id}/endpoint-policies/{endpoint-policy-id}/endpoint-rules: get: consumes: - application/json description: |- List Endpoint rules operationId: ListEndpointRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Endpoint policy id in: path name: endpoint-policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EndpointRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Endpoint rules tags: - Policy - Security - Endpoint Protection - Rules x-vmw-nsx-module: PolicyGuestIntrospection /infra/domains/{domain-id}/endpoint-policies/{endpoint-policy-id}/endpoint-rules/{endpoint-rule-id}: delete: consumes: - application/json description: |- Delete EndpointRule operationId: DeleteEndpointRule parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- EndpointPolicy ID in: path name: endpoint-policy-id required: true type: string - description: |- EndpointRule ID in: path name: endpoint-rule-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete EndpointRule tags: - Policy - Security - Endpoint Protection - Rules x-vmw-nsx-module: PolicyGuestIntrospection get: consumes: - application/json description: |- Read Endpoint rule operationId: ReadEndpointRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Endpoint policy id in: path name: endpoint-policy-id required: true type: string - description: |- Endpoint rule id in: path name: endpoint-rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EndpointRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Endpoint rule tags: - Policy - Security - Endpoint Protection - Rules x-vmw-nsx-module: PolicyGuestIntrospection patch: consumes: - application/json description: | Create a Endpoint rule with the endpoint-rule-id is not already present, otherwise update the Endpoint Rule. operationId: PatchEndpointRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Endpoint policy id in: path name: endpoint-policy-id required: true type: string - description: |- Endpoint rule id in: path name: endpoint-rule-id required: true type: string - in: body name: EndpointRule required: true schema: $ref: '#/definitions/EndpointRule' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Endpoint rule tags: - Policy - Security - Endpoint Protection - Rules x-vmw-nsx-module: PolicyGuestIntrospection put: consumes: - application/json description: | Create a Endpoint rule with the endpoint-rule-id is not already present, otherwise update the Endpoint Rule. operationId: CreateOrUpdateEndpointRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Endpoint policy id in: path name: endpoint-policy-id required: true type: string - description: |- Endpoint rule id in: path name: endpoint-rule-id required: true type: string - in: body name: EndpointRule required: true schema: $ref: '#/definitions/EndpointRule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EndpointRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Endpoint rule tags: - Policy - Security - Endpoint Protection - Rules x-vmw-nsx-module: PolicyGuestIntrospection /infra/domains/{domain-id}/forwarding-policies: get: consumes: - application/json description: | List all forwarding policies for the given domain ordered by precedence. operationId: ListForwardingPolicies parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List forwarding policies for the given domain tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding /infra/domains/{domain-id}/forwarding-policies/stats?action=reset: post: consumes: - application/json description: | Sets Forwarding Policy rule statistics counter to zero. - no enforcement point path specified: Reset of stats will be executed for each enforcement point. - {enforcement_point_path}: Reset of stats will be executed only for the given enforcement point. operationId: ResetForwardingStats parameters: - in: path name: domain-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset Forwarding rule statistics tags: - Policy - Networking - Network Services - Forwarding Policies - Rules - Statistics x-vmw-nsx-module: PolicyForwardingStats /infra/domains/{domain-id}/forwarding-policies/{forwarding-policy-id}: delete: consumes: - application/json description: |- Delete forwarding policy. operationId: DeleteForwardingPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete forwarding policy tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding get: consumes: - application/json description: | Read forwarding policy. operationId: ReadForwardingPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read forwarding policy tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding patch: consumes: - application/json description: | Create or update the forwarding policy. Performance Note: If you want to edit several rules in a forwarding policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. operationId: PatchForwardingPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string - in: body name: ForwardingPolicy required: true schema: $ref: '#/definitions/ForwardingPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update forwarding policy tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding put: consumes: - application/json description: | Create or update the forwarding policy. Performance Note: If you want to edit several rules in a forwarding policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. operationId: CreateOrUpdateForwardingPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string - in: body name: ForwardingPolicy required: true schema: $ref: '#/definitions/ForwardingPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update forwarding policy tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding /infra/domains/{domain-id}/forwarding-policies/{forwarding-policy-id}/rules: get: consumes: - application/json description: |- List rules operationId: ListForwardingRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List rules tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding /infra/domains/{domain-id}/forwarding-policies/{forwarding-policy-id}/rules/{forwarding-rule-id}/statistics: get: consumes: - application/json description: | Get aggregated statistics of Forwarding Policy Rule. Stats include total number of packets and total number of bytes for the rule. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point operationId: GetForwardingRuleStats parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding policy id in: path name: forwarding-policy-id required: true type: string - description: |- Forwarding Rule id in: path name: forwarding-rule-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingRuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get forwarding rule statistics. tags: - Policy - Networking - Network Services - Forwarding Policies - Rules - Statistics x-vmw-nsx-module: PolicyForwardingStats /infra/domains/{domain-id}/forwarding-policies/{forwarding-policy-id}/rules/{rule-id}: delete: consumes: - application/json description: |- Delete ForwardingRule operationId: DeleteForwardingRule parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Forwarding Map ID in: path name: forwarding-policy-id required: true type: string - description: |- ForwardingRule ID in: path name: rule-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete ForwardingRule tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding get: consumes: - application/json description: |- Read rule operationId: ReadForwardingRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string - description: |- Rule id in: path name: rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read rule tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding patch: consumes: - application/json description: | Create a rule with the rule-id is not already present, otherwise update the rule. Performance Note: If you want to edit several rules in a forwarding policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id> operationId: PatchForwardingRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string - description: |- Rule id in: path name: rule-id required: true type: string - in: body name: ForwardingRule required: true schema: $ref: '#/definitions/ForwardingRule' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update forwarding rule tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding put: consumes: - application/json description: | Create a rule with the rule-id is not already present, otherwise update the rule. Performance Note: If you want to edit several rules in a forwarding policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/forwarding-policies/<forwarding-policy-id> operationId: CreateOrUpdateForwardingRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding map id in: path name: forwarding-policy-id required: true type: string - description: |- rule id in: path name: rule-id required: true type: string - in: body name: ForwardingRule required: true schema: $ref: '#/definitions/ForwardingRule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update forwarding rule tags: - Policy - Networking - Network Services - Forwarding Policies x-vmw-nsx-module: PolicyForwarding /infra/domains/{domain-id}/forwarding-policies/{forwarding-policy-id}/statistics: get: consumes: - application/json description: | Get aggregated stattistics of Forwarding Policy. Stats include total number of packets and total number of bytes for all Forwarding rules in a given Forwarding Policy. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GetForwardingPolicyStats parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Forwarding policy id in: path name: forwarding-policy-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ForwardingPolicyStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get forwarding policy statistics. tags: - Policy - Networking - Network Services - Forwarding Policies - Statistics x-vmw-nsx-module: PolicyForwardingStats /infra/domains/{domain-id}/gateway-policies: get: consumes: - application/json description: |- List all gateway policies for specified Domain. operationId: ListGatewayPoliciesForDomain parameters: - in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List gateway policies tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall /infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}: delete: consumes: - application/json description: |- Delete GatewayPolicy operationId: DeleteGatewayPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete GatewayPolicy tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall get: consumes: - application/json description: | Read gateway policy for a domain. operationId: ReadGatewayPolicyForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read gateway policy tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall patch: consumes: - application/json description: | Update the gateway policy for a domain. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a gateway policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. operationId: PatchGatewayPolicyForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: body name: GatewayPolicy required: true schema: $ref: '#/definitions/GatewayPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update gateway policy tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall put: consumes: - application/json description: | Update the gateway policy for a domain. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a gateway policy, use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. operationId: CreateOrReplaceGatewayPolicyForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: body name: GatewayPolicy required: true schema: $ref: '#/definitions/GatewayPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update gateway policy tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall /infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}/rules: get: consumes: - application/json description: |- List rules operationId: ListGatewayRules parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List rules tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall /infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}: delete: consumes: - application/json description: |- Delete rule operationId: DeleteGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: path name: rule-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete rule tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall get: consumes: - application/json description: |- Read rule operationId: ReadGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: path name: rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Rule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read rule tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall patch: consumes: - application/json description: | Update the gateway rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you want to edit several rules in a gateway policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/gateway-policies/<gateway-policy-id> Concurrency Note: Concurrent firewall rule creation is not supported under the same Gateway Policy. operationId: PatchGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: Rule required: true schema: $ref: '#/definitions/Rule' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update gateway rule tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall put: consumes: - application/json description: | Update the gateway rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you want to edit several rules in a gateway policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/gateway-policies/<gateway-policy-id> Concurrency Note: Concurrent firewall rule creation is not supported under the same Gateway Policy. operationId: CreateOrReplaceGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: Rule required: true schema: $ref: '#/definitions/Rule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Rule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update gateway rule tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall /infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}/statistics: get: consumes: - application/json description: | Get statistics of a gateway rule. - no enforcement point path specified: Stats will be evaluated on each enforcement. point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GetGatewayRuleStatistics parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: path name: rule-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get gateway rule statistics tags: - Policy - Security - North South Security - Gateway Firewall - Statistics x-vmw-nsx-module: PolicyEdgeFirewall /infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}/rules/{rule-id}?action=revise: post: consumes: - application/json description: | This is used to re-order a gateway rule within a gateway policy. operationId: ReviseGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: Rule required: true schema: $ref: '#/definitions/Rule' - description: 'The security policy/rule path if operation is ''insert_after'' or ''insert_before'' ' in: query name: anchor_path required: false type: string - default: insert_top description: Operation enum: - insert_top - insert_bottom - insert_after - insert_before in: query name: operation required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Rule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Revise the positioning of gateway rule tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall /infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}/statistics: get: consumes: - application/json description: | Get statistics of a gateay policy. - no enforcement point path specified: Stats will be evaluated on each enforcement. point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GetGatewayPolicyStatistics parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicyStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get gateway policy statistics tags: - Policy - Security - North South Security - Gateway Firewall - Statistics x-vmw-nsx-module: PolicyEdgeFirewall /infra/domains/{domain-id}/gateway-policies/{gateway-policy-id}?action=revise: post: consumes: - application/json description: | This is used to set a precedence of a gateway policy w.r.t others. operationId: ReviseGatewayPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: gateway-policy-id required: true type: string - in: body name: GatewayPolicy required: true schema: $ref: '#/definitions/GatewayPolicy' - description: 'The security policy/rule path if operation is ''insert_after'' or ''insert_before'' ' in: query name: anchor_path required: false type: string - default: insert_top description: Operation enum: - insert_top - insert_bottom - insert_after - insert_before in: query name: operation required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Revise the positioning of gateway policy tags: - Policy - Security - North South Security - Gateway Firewall - Rules x-vmw-nsx-module: PolicyEdgeFirewall /infra/domains/{domain-id}/groups: get: consumes: - application/json description: | List Groups for a domain. Groups can be filtered using member_types query parameter, which returns the groups that contains the specified member types. Multiple member types can be provided as comma separated values. The API also return groups having member type that are subset of provided member_types. operationId: ListGroupForDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Comma Seperated Member types in: query name: member_types required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Groups for a domain tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy /infra/domains/{domain-id}/groups/{group-id}: delete: consumes: - application/json description: |- Delete Group operationId: DeleteGroup parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - default: false description: Do not delete if the group subtree has any entities in: query name: fail_if_subtree_exists type: boolean - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Group tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy get: consumes: - application/json description: |- Read group operationId: ReadGroupForDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Group' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read group tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy patch: consumes: - application/json description: | If a group with the group-id is not already present, create a new group. If it already exists, patch the group. operationId: PatchGroupForDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - in: body name: Group required: true schema: $ref: '#/definitions/Group' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a group tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy put: consumes: - application/json description: | If a group with the group-id is not already present, create a new group. If it already exists, update the group. Avoid creating groups with multiple MACAddressExpression and IPAddressExpression. In future releases, group will be restricted to contain a single MACAddressExpression and IPAddressExpression along with other expressions. To group IPAddresses or MACAddresses, use nested groups instead of multiple IPAddressExpressions/MACAddressExpression. operationId: UpdateGroupForDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - in: body name: Group required: true schema: $ref: '#/definitions/Group' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Group' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a group tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy /infra/domains/{domain-id}/groups/{group-id}/discovery-profile-binding-maps: get: consumes: - application/json description: |- API will get Group discovery profile binding map operationId: ListGroupDiscoveryProfileBindings parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupDiscoveryProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Group discovery profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /infra/domains/{domain-id}/groups/{group-id}/discovery-profile-binding-maps/{discovery-profile-binding-map-id}: delete: consumes: - application/json description: |- API will delete Group discovery profile binding map operationId: DeleteGroupDiscoveryProfileBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Group discovery profile binding map ID in: path name: discovery-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Group discovery profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding get: consumes: - application/json description: |- API will get Group discovery profile binding map operationId: GetGroupDiscoveryProfileBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Group discovery profile binding map ID in: path name: discovery-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Group discovery profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding patch: consumes: - application/json description: |- API will create or update Group discovery profile binding map operationId: PatchGroupDiscoveryProfileBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Group discovery profile binding map ID in: path name: discovery-profile-binding-map-id required: true type: string - in: body name: GroupDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/GroupDiscoveryProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Group discovery profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding put: consumes: - application/json description: |- API will update Group discovery profile binding map operationId: UpdateGroupDiscoveryProfileBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Group discovery profile binding map ID in: path name: discovery-profile-binding-map-id required: true type: string - in: body name: GroupDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/GroupDiscoveryProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Group discovery profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /infra/domains/{domain-id}/groups/{group-id}/dns-security-profile-binding-maps: get: consumes: - application/json description: |- API will get DNS security profile binding map operationId: ListDnsSecurityProfileBindings parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DNS security profile binding map tags: - Policy - Security - Security Profiles - DNS Security Profile Bindings x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding /infra/domains/{domain-id}/groups/{group-id}/dns-security-profile-binding-maps/{dns-security-profile-binding-map-id}: delete: consumes: - application/json description: |- API will delete DNS security profile binding map operationId: DeleteDnsSecurityProfileBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- DNS security profile binding map ID in: path name: dns-security-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DNS security profile binding map tags: - Policy - Security - Security Profiles - DNS Security Profile Bindings x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding get: consumes: - application/json description: |- API will get DNS security profile binding map operationId: GetDnsSecurityProfileBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- DNS security profile binding map ID in: path name: dns-security-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DNS security profile binding map tags: - Policy - Security - Security Profiles - DNS Security Profile Bindings x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding patch: consumes: - application/json description: |- API will create or update DNS security profile binding map operationId: PatchDnsSecurityProfileBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- DNS security profile binding map ID in: path name: dns-security-profile-binding-map-id required: true type: string - in: body name: DnsSecurityProfileBindingMap required: true schema: $ref: '#/definitions/DnsSecurityProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DNS security profile binding map tags: - Policy - Security - Security Profiles - DNS Security Profile Bindings x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding put: consumes: - application/json description: |- API will update DNS security profile binding map operationId: UpdateDnsSecurityProfileBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- DNS security profile binding map ID in: path name: dns-security-profile-binding-map-id required: true type: string - in: body name: DnsSecurityProfileBindingMap required: true schema: $ref: '#/definitions/DnsSecurityProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DnsSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update DNS security profile binding map tags: - Policy - Security - Security Profiles - DNS Security Profile Bindings x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding /infra/domains/{domain-id}/groups/{group-id}/external-id-expressions/{expression-id}: delete: consumes: - application/json description: |- Delete Group External ID Expression operationId: DeleteGroupExternalIDExpression parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- ExternalIDExpression ID in: path name: expression-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Group External ID Expression tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy patch: consumes: - application/json description: | If a group ExternalIDexpression with the expression-id is not already present, create a new ExternalIDexpresison. If it already exists, replace the existing ExternalIDexpression. operationId: PatchGroupExternalIDExpressionForDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- ExternalIDExpression ID in: path name: expression-id required: true type: string - in: body name: ExternalIDExpression required: true schema: $ref: '#/definitions/ExternalIDExpression' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a group external ID expression tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy post: consumes: - application/json description: | It will add or remove the specified members having external ID for a given expression of a group. operationId: AddorRemoveGroupExternalIDMembers parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - in: path name: expression-id required: true type: string - in: body name: GroupMemberList required: true schema: $ref: '#/definitions/GroupMemberList' - description: Add or Remove group members. enum: - add - remove in: query name: action required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Add or Remove external id based members from/to a Group tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy /infra/domains/{domain-id}/groups/{group-id}/firewall-flood-protection-profile-binding-maps: get: consumes: - application/json description: | API will list all Firewall Flood Protection Profile Binding Maps in current group id. operationId: ListPolicyFirewallFloodProtectionBindings parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallFloodProtectionProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall Flood Protection Profile Binding Maps tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding ? /infra/domains/{domain-id}/groups/{group-id}/firewall-flood-protection-profile-binding-maps/{firewall-flood-protection-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Firewall Flood Protection Profile Binding operationId: DeletePolicyFirewallFloodProtectionBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Firewall Flood Protection Profile Binding Map ID in: path name: firewall-flood-protection-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Firewall Flood Protection Profile Binding tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding get: consumes: - application/json description: | API will get Firewall Flood Protection Profile Binding Map operationId: GetPolicyFirewallFloodProtectionBinding parameters: - description: |- Domain-ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Firewall Flood Protection Profile Binding Map ID in: path name: firewall-flood-protection-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallFloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Firewall Flood Protection Profile Binding Map tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding patch: consumes: - application/json description: |- API will create or update Firewall Flood Protection profile binding map operationId: PatchPolicyFirewallFloodProtectionProfileBindingMap parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Firewall Flood Protection Profile Binding Map ID in: path name: firewall-flood-protection-profile-binding-map-id required: true type: string - in: body name: PolicyFirewallFloodProtectionProfileBindingMap required: true schema: $ref: '#/definitions/PolicyFirewallFloodProtectionProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Firewall Flood Protection Profile Binding Map tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding put: consumes: - application/json description: |- API will update Firewall Flood Protection Profile Binding Map operationId: UpdatePolicyFirewallFloodProtectionBinding parameters: - description: |- DomainID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Firewall Flood Protection Profile Binding Map ID in: path name: firewall-flood-protection-profile-binding-map-id required: true type: string - in: body name: PolicyFirewallFloodProtectionProfileBindingMap required: true schema: $ref: '#/definitions/PolicyFirewallFloodProtectionProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallFloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Firewall Flood Protection Profile Binding Map tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding /infra/domains/{domain-id}/groups/{group-id}/firewall-session-timer-profile-binding-maps: get: consumes: - application/json description: | API will list all Firewall Session Timer Profile Binding Maps in current group id. operationId: ListPolicyFirewallSessionTimerBindings parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall Session Timer Profile Binding Maps tags: - Policy - Security - Security Profiles - Session Timer Profile Bindings x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding ? /infra/domains/{domain-id}/groups/{group-id}/firewall-session-timer-profile-binding-maps/{firewall-session-timer-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Firewall Session Timer Profile Binding operationId: DeletePolicyFirewallSessionTimerBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Firewall Session Timer Profile Binding Map ID in: path name: firewall-session-timer-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Firewall Session Timer Profile Binding tags: - Policy - Security - Security Profiles - Session Timer Profile Bindings x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding get: consumes: - application/json description: | API will get Firewall Session Timer Profile Binding Map operationId: GetPolicyFirewallSessionTimerBinding parameters: - description: |- Domain-ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Firewall Session Timer Profile Binding Map ID in: path name: firewall-session-timer-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Firewall Session Timer Profile Binding Map tags: - Policy - Security - Security Profiles - Session Timer Profile Bindings x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding patch: consumes: - application/json description: |- API will create or update Firewall Session Timer profile binding map operationId: PatchPolicyFirewallSessionTimerProfileBindingMap parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Firewall Session Timer Profile Binding Map ID in: path name: firewall-session-timer-profile-binding-map-id required: true type: string - in: body name: PolicyFirewallSessionTimerProfileBindingMap required: true schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Firewall Session Timer Profile Binding Map tags: - Policy - Security - Security Profiles - Session Timer Profile Bindings x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding put: consumes: - application/json description: |- API will update Firewall Session Timer Profile Binding Map operationId: UpdatePolicyFirewallSessionTimerBinding parameters: - description: |- DomainID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Firewall Session Timer Profile Binding Map ID in: path name: firewall-session-timer-profile-binding-map-id required: true type: string - in: body name: PolicyFirewallSessionTimerProfileBindingMap required: true schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Firewall Session Timer Profile Binding Map tags: - Policy - Security - Security Profiles - Session Timer Profile Bindings x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding /infra/domains/{domain-id}/groups/{group-id}/group-monitoring-profile-binding-maps: get: consumes: - application/json description: | API will list all Group Monitoring Profile Binding Maps in current group id. operationId: ListGroupMonitoringBindings parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupMonitoringProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Group Monitoring Profile Binding Maps tags: - Policy - Security - Security Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /infra/domains/{domain-id}/groups/{group-id}/group-monitoring-profile-binding-maps/{group-monitoring-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Group Monitoring Profile Binding operationId: DeleteGroupMonitoringBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Group Monitoring Profile Binding Map ID in: path name: group-monitoring-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Group Monitoring Profile Binding tags: - Policy - Security - Security Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding get: consumes: - application/json description: | API will get Group Monitoring Profile Binding Map operationId: GetGroupMonitoringBinding parameters: - description: |- Domain-ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Group Monitoring Profile Binding Map ID in: path name: group-monitoring-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Group Monitoring Profile Binding Map tags: - Policy - Security - Security Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding patch: consumes: - application/json description: |- API will create group monitoring profile binding map operationId: PatchGroupMonitoringBinding parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Group Monitoring Profile Binding Map ID in: path name: group-monitoring-profile-binding-map-id required: true type: string - in: body name: GroupMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/GroupMonitoringProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Group Monitoring Profile Binding Map tags: - Policy - Security - Security Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding put: consumes: - application/json description: |- API will update Group Monitoring Profile Binding Map operationId: UpdateGroupMonitoringBinding parameters: - description: |- DomainID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Group Monitoring Profile Binding Map ID in: path name: group-monitoring-profile-binding-map-id required: true type: string - in: body name: GroupMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/GroupMonitoringProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Group Monitoring Profile Binding Map tags: - Policy - Security - Security Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /infra/domains/{domain-id}/groups/{group-id}/group-monitoring-profile-binding-maps/{group-monitoring-profile-binding-map-id}/mirror-stack-status : get: consumes: - application/json description: | API will get mirror stack status by Group Monitoring Profile Binding Map operationId: GetGroupMonitoringBindingMirrorStackStatus parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - in: path name: group-monitoring-profile-binding-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Binding map path enforcemnt point path to remote L3 mirror session in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MirrorStackStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get mirror stack status for Group Monitoring Profile Binding Map. tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /infra/domains/{domain-id}/groups/{group-id}/ip-address-expressions/{expression-id}: delete: consumes: - application/json description: |- Delete Group IPAddressExpression operationId: DeleteGroupIPAddressExpression parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- IPAddressExpression ID in: path name: expression-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Group IPAddressExpression tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy patch: consumes: - application/json description: | If a group IPAddressExpression with the expression-id is not already present, create a new IPAddressExpression. If it already exists, replace the existing IPAddressExpression. operationId: PatchGroupIPAddressExpressionForDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- IPAddressExpression ID in: path name: expression-id required: true type: string - in: body name: IPAddressExpression required: true schema: $ref: '#/definitions/IPAddressExpression' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a group IP Address expression tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy post: consumes: - application/json description: | It will add or remove the specified IP Addresses from a given expression of a group. operationId: AddorRemoveGroupIPAddresses parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - in: path name: expression-id required: true type: string - in: body name: IPAddressList required: true schema: $ref: '#/definitions/IPAddressList' - description: Add or Remove group members. enum: - add - remove in: query name: action required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Add or Remove IP Addresses from/to a Group tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy /infra/domains/{domain-id}/groups/{group-id}/mac-address-expressions/{expression-id}: delete: consumes: - application/json description: |- Delete Group MACAddressExpression operationId: DeleteGroupMACAddressExpression parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- MACAddressExpression ID in: path name: expression-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Group MACAddressExpression tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy patch: consumes: - application/json description: | If a group MACAddressExpression with the expression-id is not already present, create a new MACAddressExpression. If it already exists, replace the existing MACAddressExpression. operationId: PatchGroupMACAddressExpressionForDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- MACAddressExpression ID in: path name: expression-id required: true type: string - in: body name: MACAddressExpression required: true schema: $ref: '#/definitions/MACAddressExpression' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a group MAC Address expression tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy post: consumes: - application/json description: | It will add or remove the specified MAC Addresses from a given expression of a group. operationId: AddorRemoveGroupMACAddresses parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - in: path name: expression-id required: true type: string - in: body name: MACAddressList required: true schema: $ref: '#/definitions/MACAddressList' - description: Add or Remove group members. enum: - add - remove in: query name: action required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Add or Remove MAC Addresses from/to a Group tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy /infra/domains/{domain-id}/groups/{group-id}/member-types: get: consumes: - application/json description: | It retrieves member types for a given group. In case of nested groups, it calculates member types of child groups as well. Considers member type for members added via static members and dynamic membership criteria. operationId: GetMemberTypesForGroup parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupMemberTypeListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get member types for a given Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: Policy /infra/domains/{domain-id}/groups/{group-id}/members/consolidated-effective-ip-addresses: get: consumes: - application/json description: | Returns consolidated effective ip address members of the specified NSGroup. Applicable in case of federated environment. The response contains site-wise list of consolidated effective IP address members. In the response, for the local-site, the list will contain static and dynamicaly translated IPs. For the remote sites, the list will contain only the dynamically translated IPs. The static IPs will not be seen in the response of this API. Hence, user can refer to the local-site Ip response in the API results or the group definition to see the static IP membership of the Group. This API is applicable only for Global Groups containing (directly or via nesting) either VirtualMachine, VIF, Segment, SegmentPort or IPSet member type. Use the cursor value in the response to fetch the next page. If there is no cursor value for a response, it implies the last page in the results for the query. operationId: GetConsolidatedEffectiveIPMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IP address, range, or subnet format: address-or-block-or-range in: query name: ip_filter required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: 'UUID of the site from which the effective IP addresses are to be fetched ' in: query name: site_id required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ConsolidatedEffectiveIPAddressMemberListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get consolidated effective IPAddress translated from this group across site tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/members/dvpg: get: consumes: - application/json description: | Get Discovered Port Groups that belong to this Group operationId: GetGroupDVPGMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Discovered Port Groups that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/members/dvports: get: consumes: - application/json description: | Get discovered ports that belong to this Group operationId: GetGroupDiscoveredPortMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get discovered ports that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/members/ip-addresses: get: consumes: - application/json description: | Get IP addresses that belong to this Group. This API is applicable for Groups containing either VirtualMachine, VIF, Segment ,Segment Port or IP Address member type.For Groups containing other member types,an empty list is returned operationId: GetGroupIPMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupIPMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IP addresses that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/members/logical-ports: get: consumes: - application/json description: | Get logical ports that belong to this Group This API is applicable for Groups containing either VirtualMachine, VIF, Segment or Segment Port member type.For Groups containing other member types,an empty list is returned. operationId: GetGroupLPMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get logical ports that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/members/logical-switches: get: consumes: - application/json description: | Get logical switches that belong to this Group. This API is applicable for Groups containing Segment member type. For Groups containing other member types, an empty list is returned. operationId: GetGroupLSMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get logical switches that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/members/pods: get: consumes: - application/json description: | Get pods that belong to this Group. This API is applicable for Groups containing either Pod, Cluster, Namespace, Service member type. For Groups containing other member types an empty list is returned operationId: GetGroupPodMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Cluster ID in: query name: cluster_id required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContainerGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get pods that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/members/segment-ports: get: consumes: - application/json description: | Get segment ports that belong to this Group operationId: GetGroupSegmentPortMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment ports that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/members/segments: get: consumes: - application/json description: | Get segments that belong to this Group operationId: GetGroupSegmentMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segments that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/members/vifs: get: consumes: - application/json description: | Get Virtual Network Interface instances that belong to this Group. This API is applicable for Groups containing VirtualNetworkInterface and VirtualMachine member types. For Groups containing other member types,an empty list is returned.target_id in response is external_id of VirtualNetworkInterface or VirtualMachine. operationId: GetGroupVIFMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualNetworkInterfaceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Virtual Network Interface instances that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/members/virtual-machines: get: consumes: - application/json description: | Get Virtual machines that belong to this Group. This API is applicable for Groups containing VirtualMachine,member type. For Groups containing other member types,an empty list is returned. operationId: GetGroupVMMembers parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedVirtualMachineListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Virtual machines that belong to this Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/groups/{group-id}/path-expressions/{expression-id}: delete: consumes: - application/json description: |- Delete Group Path Expression operationId: DeleteGroupPathExpression parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- PathExpression ID in: path name: expression-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Group Path Expression tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy patch: consumes: - application/json description: | If a group path_expression with the expression-id is not already present, create a new pathexpresison. If it already exists, replace the existing pathexpression. operationId: PatchGroupPathExpressionForDomain parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- PathExpression ID in: path name: expression-id required: true type: string - in: body name: PathExpression required: true schema: $ref: '#/definitions/PathExpression' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a group path expression tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy post: consumes: - application/json description: | It will add or remove the specified members having path for a given expression of a group. operationId: AddorRemoveGroupPathMembers parameters: - in: path name: domain-id required: true type: string - in: path name: group-id required: true type: string - in: path name: expression-id required: true type: string - in: body name: GroupMemberList required: true schema: $ref: '#/definitions/GroupMemberList' - description: Add or Remove group members. enum: - add - remove in: query name: action required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Add or Remove path based members from/to a Group tags: - Policy - Inventory - Groups - Groups x-vmw-nsx-module: Policy /infra/domains/{domain-id}/groups/{group-id}/port-mirroring-instances: get: consumes: - application/json description: | API will list all port mirroring instances active on current group. This API is deprecated. Please use the following API: https://<policy-mgr>/policy/api/v1/infra/port-mirroring-profiles operationId: ListPortMirroringInstances parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMirroringInstanceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port Mirroring Instances tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyOperations /infra/domains/{domain-id}/groups/{group-id}/port-mirroring-instances/{port-mirroring-instance-id}: delete: consumes: - application/json description: | API will delete port mirroring instance. Mirroring from source to destination ports will be stopped. This API is deprecated. Please use the following API: https://<policy-mgr>/policy/api/v1/infra/port-mirroring-profiles operationId: DeletePortMirroringInstance parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Port Mirroring Instance Id in: path name: port-mirroring-instance-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port Mirroring Instance tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyOperations get: consumes: - application/json description: | API will return details of port mirroring instance. If instance does not exist, it will return 404. This API is deprecated. Please use the following API: https://<policy-mgr>/policy/api/v1/infra/port-mirroring-profiles operationId: ReadPortMirroringInstance parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Port Mirroring Instance Id in: path name: port-mirroring-instance-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMirroringInstance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Details of Port Mirroring Instance tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyOperations patch: consumes: - application/json description: | Create a new Port Mirroring Instance if the Port Mirroring Instance with given id does not already exist. If the Port Mirroring Instance with the given id already exists, patch with the existing Port Mirroring Instance. This API is deprecated. Please use the following API: https://<policy-mgr>/policy/api/v1/infra/port-mirroring-profiles operationId: PatchPortMirroringInstance parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Port Mirroring Instance Id in: path name: port-mirroring-instance-id required: true type: string - in: body name: PortMirroringInstance required: true schema: $ref: '#/definitions/PortMirroringInstance' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch Port Mirroring Instance. tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyOperations put: consumes: - application/json description: | Create or Replace port mirroring instance. Packets will be mirrored from source group to destination group. This API is deprecated. Please use the following API: https://<policy-mgr>/policy/api/v1/infra/port-mirroring-profiles operationId: CreateOrReplacePortMirroringInstance parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Group ID in: path name: group-id required: true type: string - description: |- Port Mirroring Instance Id in: path name: port-mirroring-instance-id required: true type: string - in: body name: PortMirroringInstance required: true schema: $ref: '#/definitions/PortMirroringInstance' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMirroringInstance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace Port Mirroring Instance. tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyOperations /infra/domains/{domain-id}/groups/{group-id}/statistics/virtual-machines: get: consumes: - application/json description: | Get the effective VM membership for the Group. This API also gives some VM details such as VM name, IDs and the current state of the VMs. operationId: GetGroupVMStatistics parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedVirtualMachineListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get effective VMs for the Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupStatistics /infra/domains/{domain-id}/groups/{group-id}/tags: get: consumes: - application/json description: | Get tags used to define conditions inside a Group. Also includes tags inside nested groups. operationId: GetGroupTags parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupTagsList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tags used to define conditions inside a Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/domains/{domain-id}/intrusion-service-gateway-policies: get: consumes: - application/json description: |- List all IDS gateway policies for specified Domain. operationId: ListIdsGatewayPolicies parameters: - in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsGatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IDS gateway policies tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway /infra/domains/{domain-id}/intrusion-service-gateway-policies/{policy-id}: delete: consumes: - application/json description: |- Delete IDS GatewayPolicy operationId: DeleteIdsGatewayPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IDS GatewayPolicy tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway get: consumes: - application/json description: | Read IDS gateway policy for a domain. operationId: ReadIdsGatewayPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsGatewayPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read IDS gateway policy tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway patch: consumes: - application/json description: | Update the IDS gateway policy for a domain. operationId: PatchIdsGatewayPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: body name: IdsGatewayPolicy required: true schema: $ref: '#/definitions/IdsGatewayPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update IDS gateway policy tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway put: consumes: - application/json description: | Update the IDS gateway policy for a domain. operationId: CreateOrReplaceIdsGatewayPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: body name: IdsGatewayPolicy required: true schema: $ref: '#/definitions/IdsGatewayPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsGatewayPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update IDS gateway policy tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway /infra/domains/{domain-id}/intrusion-service-gateway-policies/{policy-id}/rules: get: consumes: - application/json description: |- List IDS Gateway rules operationId: ListIdsGatewayRules parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IDS Gateway rules tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway /infra/domains/{domain-id}/intrusion-service-gateway-policies/{policy-id}/rules/{rule-id}: delete: consumes: - application/json description: |- Delete IDS Gateway rule operationId: DeleteIdsGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IDS Gateway rule tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway get: consumes: - application/json description: |- Read IDS rule operationId: ReadIdsGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read IDS rule tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway patch: consumes: - application/json description: | Update the gateway rule. operationId: PatchIdsGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: IdsRule required: true schema: $ref: '#/definitions/IdsRule' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update IDS gateway rule tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway put: consumes: - application/json description: | Create or Update the IDS gateway rule. operationId: CreateOrReplaceIdsGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: IdsRule required: true schema: $ref: '#/definitions/IdsRule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update IDS gateway rule tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway /infra/domains/{domain-id}/intrusion-service-gateway-policies/{policy-id}/rules/{rule-id}/statistics: get: consumes: - application/json description: | Get statistics of a IDS gateway rule. - no enforcement point path specified: Stats will be evaluated on each enforcement. point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GetIdsGatewayRuleStatistics parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsRuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS gateway rule statistics tags: - Policy - Security - North South Security - Distributed IDS - Rules - Statistics x-vmw-nsx-module: PolicyIDSStats /infra/domains/{domain-id}/intrusion-service-gateway-policies/{policy-id}/rules/{rule-id}?action=revise: post: consumes: - application/json description: | This is used to re-order a IDS gateway rule within a IDS gateway policy. operationId: ReviseIdsGatewayRule parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: IdsRule required: true schema: $ref: '#/definitions/IdsRule' - description: 'The security policy/rule path if operation is ''insert_after'' or ''insert_before'' ' in: query name: anchor_path required: false type: string - default: insert_top description: Operation enum: - insert_top - insert_bottom - insert_after - insert_before in: query name: operation required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Revise the positioning of IDS gateway rule tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway /infra/domains/{domain-id}/intrusion-service-gateway-policies/{policy-id}/statistics: get: consumes: - application/json description: | Get statistics of a IDS gateway policy. - no enforcement point path specified: Stats will be evaluated on each enforcement. point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GetIdsGatewayPolicyStatistics parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSecurityPolicyStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS gateway policy statistics tags: - Policy - Security - North South Security - Distributed IDS - Statistics x-vmw-nsx-module: PolicyIDSStats /infra/domains/{domain-id}/intrusion-service-gateway-policies/{policy-id}?action=revise: post: consumes: - application/json description: | This is used to set a precedence of a IDS gateway policy w.r.t others. operationId: ReviseIdsGatewayPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: body name: IdsGatewayPolicy required: true schema: $ref: '#/definitions/IdsGatewayPolicy' - description: 'The security policy/rule path if operation is ''insert_after'' or ''insert_before'' ' in: query name: anchor_path required: false type: string - default: insert_top description: Operation enum: - insert_top - insert_bottom - insert_after - insert_before in: query name: operation required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsGatewayPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Revise the positioning of IDS gateway policy tags: - Policy - Security - North South Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDSGateway /infra/domains/{domain-id}/intrusion-service-policies: get: consumes: - application/json description: | List intrusion detection system security policies. operationId: ListIdsSecurityPolicies parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSecurityPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IDS security policies tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS /infra/domains/{domain-id}/intrusion-service-policies/{ids-policy-id}/rules/{rule-id}/statistics: get: consumes: - application/json description: | Get statistics of a IDS/IPS rule. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GetIdsRuleStatistics parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- IDS policy id in: path name: ids-policy-id required: true type: string - description: |- Rule id in: path name: rule-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsRuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS/IPS rule statistics tags: - Policy - Security - East West Security - Distributed IDS - Rules - Statistics x-vmw-nsx-module: PolicyIDSStats /infra/domains/{domain-id}/intrusion-service-policies/{ids-policy-id}/statistics: get: consumes: - application/json description: | Get statistics of a IDS security policy. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GetIdsSecurityPolicyStatistics parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- IDS Security policy id in: path name: ids-policy-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSecurityPolicyStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS security policy statistics tags: - Policy - Security - East West Security - Distributed IDS - Statistics x-vmw-nsx-module: PolicyIDSStats /infra/domains/{domain-id}/intrusion-service-policies/{policy-id}: delete: consumes: - application/json description: | Delete intrusion detection system security policy. operationId: DeleteIdsSecurityPolicy parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Policy ID in: path name: policy-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IDS security policy tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS get: consumes: - application/json description: | Read intrusion detection system security policy. operationId: GetIdsSecurityPolicy parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Policy ID in: path name: policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS security policy. tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS patch: consumes: - application/json description: |- Patch intrusion detection system security policy for a domain. operationId: PatchIdsSecurityPolicy parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Policy ID in: path name: policy-id required: true type: string - in: body name: IdsSecurityPolicy required: true schema: $ref: '#/definitions/IdsSecurityPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IDS security policy tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS put: consumes: - application/json description: |- Update intrusion detection system security policy for a domain. operationId: CreateOrUpdateIdsSecurityPolicy parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Policy ID in: path name: policy-id required: true type: string - in: body name: IdsSecurityPolicy required: true schema: $ref: '#/definitions/IdsSecurityPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- create or update IDS security policy tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS /infra/domains/{domain-id}/intrusion-service-policies/{policy-id}/rules: get: consumes: - application/json description: | List intrusion detection rules. operationId: ListIdsRules parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Policy ID in: path name: policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IDS rules tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS /infra/domains/{domain-id}/intrusion-service-policies/{policy-id}/rules/{rule-id}: delete: consumes: - application/json description: | Delete intrusion detection rule. operationId: DeleteIdsRule parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Policy ID in: path name: policy-id required: true type: string - description: |- Rule ID in: path name: rule-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IDS rule tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS get: consumes: - application/json description: | Read intrusion detection rule operationId: GetIdsRule parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Policy ID in: path name: policy-id required: true type: string - description: |- Rule ID in: path name: rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS rule. tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS patch: consumes: - application/json description: |- Patch intrusion detection system rule. operationId: PatchIdsRule parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Policy ID in: path name: policy-id required: true type: string - description: |- Rule ID in: path name: rule-id required: true type: string - in: body name: IdsRule required: true schema: $ref: '#/definitions/IdsRule' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IDS rule tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS put: consumes: - application/json description: |- Update intrusion detection system rule. operationId: CreateOrUpdateIdsRule parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Policy ID in: path name: policy-id required: true type: string - description: |- Rule ID in: path name: rule-id required: true type: string - in: body name: IdsRule required: true schema: $ref: '#/definitions/IdsRule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- create or update IDS rule tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS /infra/domains/{domain-id}/intrusion-service-policies/{policy-id}/rules/{rule-id}?action=revise: post: consumes: - application/json description: | This is used to re-order a rule within a security policy. operationId: ReviseIdsRule parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: IdsRule required: true schema: $ref: '#/definitions/IdsRule' - description: 'The security policy/rule path if operation is ''insert_after'' or ''insert_before'' ' in: query name: anchor_path required: false type: string - default: insert_top description: Operation enum: - insert_top - insert_bottom - insert_after - insert_before in: query name: operation required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Revise the positioning of IDS rule tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS /infra/domains/{domain-id}/intrusion-service-policies/{policy-id}?action=revise: post: consumes: - application/json description: | This is used to set a precedence of a security policy w.r.t others. operationId: ReviseIdsSecurityPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: policy-id required: true type: string - in: body name: IdsSecurityPolicy required: true schema: $ref: '#/definitions/IdsSecurityPolicy' - description: 'The security policy/rule path if operation is ''insert_after'' or ''insert_before'' ' in: query name: anchor_path required: false type: string - default: insert_top description: Operation enum: - insert_top - insert_bottom - insert_after - insert_before in: query name: operation required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Revise the positioning of IDS security policies tags: - Policy - Security - East West Security - Distributed IDS - Rules x-vmw-nsx-module: PolicyIDS /infra/domains/{domain-id}/redirection-policies: get: consumes: - application/json description: |- List redirection policys for a domain operationId: ListRedirectionPolicies parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RedirectionPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List redirection policys for a domain tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion /infra/domains/{domain-id}/redirection-policies/{redirection-policy-id}: delete: consumes: - application/json description: |- Delete redirection policy. operationId: DeleteRedirectionPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Redirection map id in: path name: redirection-policy-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete redirection policy tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: | Read redirection policy. operationId: ReadRedirectionPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Redirection map id in: path name: redirection-policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RedirectionPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read redirection policy tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create or update the redirection policy. Performance Note: If you want to edit several rules in a redirection policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. operationId: PatchRedirectionPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Redirection map id in: path name: redirection-policy-id required: true type: string - in: body name: RedirectionPolicy required: true schema: $ref: '#/definitions/RedirectionPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update redirection policy tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create or update the redirection policy. Performance Note: If you want to edit several rules in a redirection policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. operationId: CreateOrUpdateRedirectionPolicy parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Redirection map id in: path name: redirection-policy-id required: true type: string - in: body name: RedirectionPolicy required: true schema: $ref: '#/definitions/RedirectionPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RedirectionPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update redirection policy tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion /infra/domains/{domain-id}/redirection-policies/{redirection-policy-id}/rules: get: consumes: - application/json description: |- List rules operationId: ListRedirectionRules parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Redirection map id in: path name: redirection-policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RedirectionRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List rules tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion /infra/domains/{domain-id}/redirection-policies/{redirection-policy-id}/rules/{rule-id}: delete: consumes: - application/json description: |- Delete RedirectionRule operationId: DeleteRedirectionRule parameters: - description: |- Domain ID in: path name: domain-id required: true type: string - description: |- Redirection Map ID in: path name: redirection-policy-id required: true type: string - description: |- RedirectionRule ID in: path name: rule-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete RedirectionRule tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- Read rule operationId: ReadRedirectionRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Redirection map id in: path name: redirection-policy-id required: true type: string - description: |- Rule id in: path name: rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RedirectionRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read rule tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create a rule with the rule-id is not already present, otherwise update the rule. Performance Note: If you want to edit several rules in a redirection policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/redirection-policies/<red-policy-id> operationId: PatchRedirectionRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- RedirectionPolicy id in: path name: redirection-policy-id required: true type: string - description: |- rule id in: path name: rule-id required: true type: string - in: body name: RedirectionRule required: true schema: $ref: '#/definitions/RedirectionRule' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update redirection rule tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create a rule with the rule-id is not already present, otherwise update the rule. Performance Note: If you want to edit several rules in a redirection policy,prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/redirection-policies/<red-policy-id> operationId: CreateOrUpdateRedirectionRule parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Redirection map id in: path name: redirection-policy-id required: true type: string - description: |- Rule id in: path name: rule-id required: true type: string - in: body name: RedirectionRule required: true schema: $ref: '#/definitions/RedirectionRule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RedirectionRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update redirection rule tags: - Policy - Security - Service Insertion - Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion /infra/domains/{domain-id}/security-policies: get: consumes: - application/json description: | List all security policies for a domain. operationId: ListSecurityPoliciesForDomain parameters: - in: path name: domain-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List security policies tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy /infra/domains/{domain-id}/security-policies/{security-policy-id}: delete: consumes: - application/json description: | Deletes the security policy along with all the rules operationId: DeleteSecurityPolicyForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Deletes a security policy from this domain tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy get: consumes: - application/json description: | Read security policy for a domain. operationId: ReadSecurityPolicyForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read security policy tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy patch: consumes: - application/json description: | Patch the security policy for a domain. If a security policy for the given security-policy-id is not present, the object will get created and if it is present it will be updated. This is a full replace. Performance Note: If you want to edit several rules in a security policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. operationId: PatchSecurityPolicyForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: body name: SecurityPolicy required: true schema: $ref: '#/definitions/SecurityPolicy' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch security policy tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy put: consumes: - application/json description: | Create or Update the security policy for a domain. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a security policy, use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. operationId: UpdateSecurityPolicyForDomain parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: body name: SecurityPolicy required: true schema: $ref: '#/definitions/SecurityPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update security policy tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy /infra/domains/{domain-id}/security-policies/{security-policy-id}/container-cluster-span: get: consumes: - application/json description: | List all container cluster span of a security policy operationId: ListContainerClustersForSecurityPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicyContainerClusterListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all container cluster span of a security policy tags: - Policy - Security - East West Security - Distributed Firewall - Container Cluster x-vmw-nsx-module: DfwSecurityPolicy /infra/domains/{domain-id}/security-policies/{security-policy-id}/container-cluster-span/{antrea-cluster-1}: delete: consumes: - application/json description: | Deletes the security policy along with all the rules operationId: DeleteClusterContainerForSecurityPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: path name: antrea-cluster-1 required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Deletes a security policy from this domain tags: - Policy - Security - East West Security - Distributed Firewall - Container Cluster x-vmw-nsx-module: DfwSecurityPolicy get: consumes: - application/json description: | Read container cluster for a security policy. operationId: ReadContainerClusterSpanForSecurityPolicy parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: path name: antrea-cluster-1 required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicyContainerCluster' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read container cluster for a security policy tags: - Policy - Security - East West Security - Distributed Firewall - Container Cluster x-vmw-nsx-module: DfwSecurityPolicy /infra/domains/{domain-id}/security-policies/{security-policy-id}/container-cluster-span/{container-cluster-id}: patch: consumes: - application/json description: | Add a container cluster as a span of this security policy. If there already exists another object containing the same container cluster path, an error will be thrown. The container cluster path cannot be modified If the path has to be modified, then delete this entity and add a new entity with the desired container cluster path operationId: PatchContainerClusterSpan parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: path name: container-cluster-id required: true type: string - in: body name: SecurityPolicyContainerCluster required: true schema: $ref: '#/definitions/SecurityPolicyContainerCluster' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Add a container cluster as a span of this security policy tags: - Policy - Security - East West Security - Distributed Firewall - Container Cluster x-vmw-nsx-module: DfwSecurityPolicy put: consumes: - application/json description: | Add a container cluster as a span of this security policy. If there already exists another object containing the same container cluster path, an error will be thrown. The container cluster path cannot be modified If the path has to be modified, then delete this entity and add a new entity with the desired container cluster path operationId: AddContainerClusterSpan parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: path name: container-cluster-id required: true type: string - in: body name: SecurityPolicyContainerCluster required: true schema: $ref: '#/definitions/SecurityPolicyContainerCluster' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicyContainerCluster' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Add a container cluster as a span of this security policy tags: - Policy - Security - East West Security - Distributed Firewall - Container Cluster x-vmw-nsx-module: DfwSecurityPolicy /infra/domains/{domain-id}/security-policies/{security-policy-id}/rules: get: consumes: - application/json description: |- List rules operationId: ListSecurityRules parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List rules tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy /infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}: delete: consumes: - application/json description: |- Delete rule operationId: DeleteSecurityRule parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: path name: rule-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete rule tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy get: consumes: - application/json description: |- Read rule operationId: ReadSecurityRule parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: path name: rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Rule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read rule tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy patch: consumes: - application/json description: | Patch the rule. If Rule corresponding to the the given rule-id is not present, the object will get created and if it is present it will be updated. This is a full replace. Performance Note: If you want to edit several rules in a security policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/security-policies/<security-policy-id> operationId: PatchSecurityRule parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: Rule required: true schema: $ref: '#/definitions/Rule' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a rule tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy put: consumes: - application/json description: | Update the rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you wish to edit several rules in a security policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/domains/<domain-id>/security-policies/<security-policy-id> operationId: UpdateSecurityRule parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: Rule required: true schema: $ref: '#/definitions/Rule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Rule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a rule tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy /infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}/statistics: get: consumes: - application/json description: | Get statistics of a rule. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GetRuleStatistics parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Security policy id in: path name: security-policy-id required: true type: string - description: |- Rule id in: path name: rule-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get rule statistics tags: - Policy - Security - East West Security - Distributed Firewall - Statistics x-vmw-nsx-module: DfwSecurityPolicy /infra/domains/{domain-id}/security-policies/{security-policy-id}/rules/{rule-id}?action=revise: post: consumes: - application/json description: | This is used to re-order a rule within a security policy. operationId: ReviseSecurityRule parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: Rule required: true schema: $ref: '#/definitions/Rule' - description: 'The security policy/rule path if operation is ''insert_after'' or ''insert_before'' ' in: query name: anchor_path required: false type: string - default: insert_top description: Operation enum: - insert_top - insert_bottom - insert_after - insert_before in: query name: operation required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Rule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Revise the positioning of rule tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy /infra/domains/{domain-id}/security-policies/{security-policy-id}/statistics: get: consumes: - application/json description: | Get statistics of a security policy. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. operationId: GetSecurityPolicyStatistics parameters: - description: |- Domain id in: path name: domain-id required: true type: string - description: |- Security policy id in: path name: security-policy-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicyStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get security policy statistics tags: - Policy - Security - East West Security - Distributed Firewall - Statistics x-vmw-nsx-module: DfwSecurityPolicy /infra/domains/{domain-id}/security-policies/{security-policy-id}?action=revise: post: consumes: - application/json description: | This is used to set a precedence of a security policy w.r.t others. operationId: ReviseSecurityPolicies parameters: - in: path name: domain-id required: true type: string - in: path name: security-policy-id required: true type: string - in: body name: SecurityPolicy required: true schema: $ref: '#/definitions/SecurityPolicy' - description: 'The security policy/rule path if operation is ''insert_after'' or ''insert_before'' ' in: query name: anchor_path required: false type: string - default: insert_top description: Operation enum: - insert_top - insert_bottom - insert_after - insert_before in: query name: operation required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Revise the positioning of security policies tags: - Policy - Security - East West Security - Distributed Firewall - Rules x-vmw-nsx-module: DfwSecurityPolicy /infra/drafts: get: consumes: - application/json description: |- List policy drafts. operationId: ListDrafts parameters: - description: Fetch list of draft based on is_auto_draft flag in: query name: auto_drafts type: boolean - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDraftListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List policy drafts tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Drafts x-vmw-nsx-module: PolicyDraft /infra/drafts/{draft-id}: delete: consumes: - application/json description: |- Delete a manual draft. operationId: DeleteDraft parameters: - in: path name: draft-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a manual draft tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Drafts x-vmw-nsx-module: PolicyDraft get: consumes: - application/json description: | Read a draft for a given draft identifier. operationId: ReadDraft parameters: - in: path name: draft-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDraft' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read draft tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Drafts x-vmw-nsx-module: PolicyDraft patch: consumes: - application/json description: | Create a new manual draft if the specified draft id does not correspond to an existing draft. Update the manual draft otherwise. Auto draft can not be updated. operationId: PatchDraft parameters: - in: path name: draft-id required: true type: string - in: body name: PolicyDraft required: true schema: $ref: '#/definitions/PolicyDraft' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a manual draft tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Drafts x-vmw-nsx-module: PolicyDraft put: consumes: - application/json description: | Create a new manual draft if the specified draft id does not correspond to an existing draft. Update the manual draft otherwise. Auto draft can not be updated. operationId: PutDraft parameters: - in: path name: draft-id required: true type: string - in: body name: PolicyDraft required: true schema: $ref: '#/definitions/PolicyDraft' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDraft' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a manual draft tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Drafts x-vmw-nsx-module: PolicyDraft /infra/drafts/{draft-id}/aggregated: get: consumes: - application/json description: | Get an aggregated configuration that will get applied onto current configuration during publish of this draft. The response is a hierarchical payload containing the aggregated configuration differences from the latest auto draft till the specified draft. operationId: GetAggregatedConfigurationToBePublishedForDraft parameters: - in: path name: draft-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Infra' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get an aggregated configuration for the draft tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Drafts x-vmw-nsx-module: PolicyDraft /infra/drafts/{draft-id}/aggregated_with_pagination: get: consumes: - application/json description: | Get a paginated aggregated configuration of a given draft. This aggregated configuration is the differnece between the current published firewall configuration and a firewall configuration stored in a given draft. For an initial API call, if request_id is present in a response, then this is a paginated aggregated configuration of a given draft, containing all the security policies from the aggregated configuration. Using this request_id, more granular aggregated configuration, at security policy level, can be fetched from subsequent API calls. Absence of request_id suggests that whole aggregated configuration has been returned as a response to initial API call, as the size of aggregated configuration is not big enough to need pagination. operationId: GetPolicyDraftPaginatedAggregatedConfigurationResult parameters: - in: path name: draft-id required: true type: string - description: Request identifier to track subsequent API calls in: query name: request_id required: false type: string - description: Path of the root object of subtree in: query name: root_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDraftPaginatedAggregatedConfigurationResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get paginated aggregated configuration for the draft tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Drafts x-vmw-nsx-module: PolicyDraft /infra/drafts/{draft-id}/complete: get: consumes: - application/json description: | Get a preview of a configuration which will be present after publish of a specified draft. The response essentially is a hierarchical payload containing the configuration, which will be in active after a specified draft gets published onto current configuration. operationId: GetPreviewOfConfigurationAfterPublishOfDraft parameters: - in: path name: draft-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Infra' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get a preview of a configuration after publish of a draft tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Drafts x-vmw-nsx-module: PolicyDraft /infra/drafts/{draft-id}?action=publish: post: consumes: - application/json description: | Read a draft and publish it by applying changes onto current configuration. If there are additional changes on top of draft configuration, pass it as a request body, in form of Infra object. Otherwise, if there are no additional changes, then pass empty Infra object as a request body. operationId: PublishDraft parameters: - in: path name: draft-id required: true type: string - in: body name: Infra required: true schema: $ref: '#/definitions/Infra' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Publish a draft tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Drafts x-vmw-nsx-module: PolicyDraft /infra/evpn-tenant-configs: get: consumes: - application/json description: | List all evpn tunnel endpoint configuration. operationId: ListEvpnTenantConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EvpnTenantConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Evpn Tenant Configuration tags: - Policy - Networking - Networking Profiles - EVPN Tenant Configuration x-vmw-nsx-module: PolicyConnectivity /infra/evpn-tenant-configs/{config-id}: delete: consumes: - application/json description: |- Delete evpn tunnel endpoint configuration. operationId: DeleteEvpnTenantConfig parameters: - description: |- tier0 id in: path name: config-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete evpn tunnel endpoint configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - EVPN Setting - EVPN Tunnel Endpoints x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Read Evpn Tenant Configuration. operationId: ReadEvpnTenantConfig parameters: - description: |- config id in: path name: config-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EvpnTenantConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Evpn Tenant Configuration tags: - Policy - Networking - Networking Profiles - EVPN Tenant Configuration x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | Create a global evpn tenant configuration if it is not already present, otherwise update the evpn tenant configuration. operationId: PatchEvpnTenantConfig parameters: - description: |- Evpn Tenant config id in: path name: config-id required: true type: string - in: body name: EvpnTenantConfig required: true schema: $ref: '#/definitions/EvpnTenantConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update Evpn Tenant Configuration tags: - Policy - Networking - Networking Profiles - EVPN Tenant Configuration x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | Create or update Evpn Tenant configuration. operationId: CreateOrUpdateEvpnTenantConfig parameters: - description: |- Evpn Tenant config id in: path name: config-id required: true type: string - in: body name: EvpnTenantConfig required: true schema: $ref: '#/definitions/EvpnTenantConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EvpnTenantConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update Evpn Tenant Configuration tags: - Policy - Networking - Networking Profiles - EVPN Tenant Configuration x-vmw-nsx-module: PolicyConnectivity /infra/federation-config: get: consumes: - application/json description: |- Read a federation config from Global Manager. operationId: ReadFederationConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FederationConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read federation config tags: - Federation - Federation Configuration x-vmw-nsx-module: PolicySiteGM /infra/firewall-identity-store-event-log-servers/status: post: consumes: - application/json description: |- This API tests a event log server connectivity before the actual domain or event log server is configured. If the connectivity is good, the response will be HTTP status 200. Otherwise the response will be HTTP status 200 and a corresponding error message will be returned. operationId: VerifyFirewallIdentityStoreEventLogServer parameters: - in: body name: DirectoryEventLogServer required: true schema: $ref: '#/definitions/DirectoryEventLogServer' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryEventLogServerStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Test a directory domain event log server connectivity tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - LDAP Servers x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-store-ldap-server: post: consumes: - application/json description: |- This API tests a LDAP server connectivity before the actual domain or LDAP server is configured. If the connectivity is good, the response will be HTTP status 200. Otherwise the response will be HTTP status 500 and corresponding error message will be returned. operationId: VerifyFirewallIdentityStoreLdapServer parameters: - in: body name: DirectoryLdapServer required: true schema: $ref: '#/definitions/DirectoryLdapServer' - description: LDAP server test requested enum: - CONNECTIVITY in: query name: action required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryLdapServerStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Test a directory domain LDAP server connectivity tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - LDAP Servers x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-store-size: post: consumes: - application/json description: |- This call scans the size of a directory domain. It may be very | expensive to run this call in some AD domain deployments. Please | use it with caution. operationId: ScanFirewallIdentityStoreSize parameters: - in: body name: DirectoryDomain required: true schema: $ref: '#/definitions/DirectoryDomain' - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryDomainSize' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Scan the size of a directory domain tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-stores: get: consumes: - application/json description: |- List all firewall identity stores operationId: ListFirewallIdentityStores parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryDomainListResults' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all firewall identity stores tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-stores-org-units: post: consumes: - application/json description: |- Fetch all organization units for a LDAP server. operationId: FetchFirewallIdentityStoreOrgUnits parameters: - in: body name: DirectoryLdapServer required: true schema: $ref: '#/definitions/DirectoryLdapServer' - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryOrgUnitListResults' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Fetch all organization units for a LDAP server. tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-stores/{firewall-identity-store-id}: delete: consumes: - application/json description: | If the firewall identity store is removed, it will stop the identity store synchronization. User will not be able to define new IDFW rules operationId: DeleteFirewallIdentityStore parameters: - description: |- firewall identity store ID in: path name: firewall-identity-store-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete firewall identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity get: consumes: - application/json description: |- Return a firewall identity store based on the store identifier operationId: ReadFirewallIdentityStore parameters: - description: |- firewall identity store ID in: path name: firewall-identity-store-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryDomain' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read firewall identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity patch: consumes: - application/json description: | If a firewall identity store with the firewall-identity-store-id is not already present, create a new firewall identity store. If it already exists, update the firewall identity store with specified attributes. operationId: CreateOrPatchFirewallIdentityStore parameters: - description: |- firewall identity store ID in: path name: firewall-identity-store-id required: true type: string - in: body name: DirectoryDomain required: true schema: $ref: '#/definitions/DirectoryDomain' - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a firewall identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity post: consumes: - application/json description: | Invoke full sync or delta sync for a specific domain, with additional delay in seconds if needed. Stop sync will try to stop any pending sync if any to return to idle state. operationId: RequestFirewallIdentityStoreSync parameters: - description: |- Firewall identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: Sync type requested enum: - FULL_SYNC - DELTA_SYNC - STOP_SYNC in: query name: action required: true type: string - default: 0 description: Request to execute the sync with some delay in seconds format: int64 in: query minimum: 0 name: delay required: false type: integer - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Invoke full sync or delta sync for a specific domain, with additional delay in seconds if needed. Stop sync will try to stop any pending sync if any to return to idle state. tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity put: consumes: - application/json description: | If a firewall identity store with the firewall-identity-store-id is not already present, create a new firewall identity store. If it already exists, replace the firewall identity store instance with the new object. operationId: CreateOrReplaceFirewallIdentityStore parameters: - description: |- firewall identity store ID in: path name: firewall-identity-store-id required: true type: string - in: body name: DirectoryDomain required: true schema: $ref: '#/definitions/DirectoryDomain' - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryDomain' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a firewall identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-stores/{firewall-identity-store-id}/event-log-servers/{event-log-server-id}: delete: consumes: - application/json description: |- Delete a Event Log server for Firewall Identity store operationId: DeleteFirewallIdentityStoreEventLogServer parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: |- Event Log server identifier in: path name: event-log-server-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a Event Log server for Firewall Identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - Event-Log-Server x-vmw-nsx-module: PolicyIdentity get: consumes: - application/json description: |- Get a specific Event Log server for a given Firewall Identity store operationId: ReadFirewallIdentityStoreEventLogServer parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: |- Event Log server identifier in: path name: event-log-server-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryEventLogServer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get a specific Event Log server for a given Firewall Identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - Event-Log-Server x-vmw-nsx-module: PolicyIdentity patch: consumes: - application/json description: | More than one Event Log server can be created and only one event log server is used to synchronize directory objects. If more than one Event Log server is configured, NSX will try all the servers until it is able to successfully connect to one. operationId: CreateOrPatchFirewallIdentityStoreEventLogServer parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: |- Event Log server identifier in: path name: event-log-server-id required: true type: string - in: body name: DirectoryEventLogServer required: true schema: $ref: '#/definitions/DirectoryEventLogServer' - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '201': description: Created '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a Event Log server for Firewall Identity store tags: - System Administration - Configuration - Directory Service - Event-Log-Server x-vmw-nsx-module: PolicyIdentity put: consumes: - application/json description: |- Update a event log server for Firewall Identity store operationId: CreateOrReplaceFirewallIdentityStoreEventLogServer parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: |- Event Log Server identifier in: path name: event-log-server-id required: true type: string - in: body name: DirectoryEventLogServer required: true schema: $ref: '#/definitions/DirectoryEventLogServer' - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryEventLogServer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update a event log server for Firewall Identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - Event-Log-Server x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-stores/{firewall-identity-store-id}/groups: get: consumes: - application/json description: |- Search for directory groups within a domain based on the substring of a distinguished name. (e.g. CN=User,DC=acme,DC=com) The search filter pattern can optionally support multiple (up to 100 maximum) search pattern separated by '|' (url encoded %7C). In this case, the search results will be returned as the union of all matching criteria. (e.g. CN=Ann,CN=Users,DC=acme,DC=com|CN=Bob,CN=Users,DC=acme,DC=com) operationId: SearchFirewallIdentityGroups parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Name search filter value in: query name: filter_value required: true type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryGroupListResults' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Search for directory groups within a domain based on the substring of a distinguished name. (e.g. CN=User,DC=acme,DC=com) The search filter pattern can optionally support multiple (up to 100 maximum) search pattern separated by '|' (url encoded %7C). In this case, the search results will be returned as the union of all matching criteria. (e.g. CN=Ann,CN=Users,DC=acme,DC=com|CN=Bob,CN=Users,DC=acme,DC=com) tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - Groups x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-stores/{firewall-identity-store-id}/groups/{group-id}/member-groups: get: consumes: - application/json description: |- A member group could be either direct member of the group specified by group_id or nested member of it. Both direct member groups and nested member groups are returned. Directory group member sync must be enabled to get the correct results. operationId: ListFirewallIdentityStoreGroupMemberGroups parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: |- Directory group identifier in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryGroupMemberListResults' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List members of a directory group tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - Groups x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-stores/{firewall-identity-store-id}/ldap-servers: get: consumes: - application/json description: |- List all configured domain LDAP servers operationId: ListFirewallIdentityStoreLdapServers parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryLdapServerListResults' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all configured domain LDAP servers tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - Ldap-Server x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-stores/{firewall-identity-store-id}/ldap-servers/{ldap-server-id}: delete: consumes: - application/json description: |- Delete a LDAP server for Firewall Identity store operationId: DeleteFirewallIdentityStoreLdapServer parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: |- LDAP server identifier in: path name: ldap-server-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a LDAP server for Firewall Identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - Ldap-Server x-vmw-nsx-module: PolicyIdentity get: consumes: - application/json description: |- Get a specific LDAP server for a given Firewall Identity store operationId: ReadFirewallIdentityStoreLdapServer parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: |- LDAP server identifier in: path name: ldap-server-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryLdapServer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get a specific LDAP server for a given Firewall Identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - Ldap-Server x-vmw-nsx-module: PolicyIdentity patch: consumes: - application/json description: | More than one LDAP server can be created and only one LDAP server is used to synchronize directory objects. If more than one LDAP server is configured, NSX will try all the servers until it is able to successfully connect to one. operationId: CreateOrPatchFirewallIdentityStoreLdapServer parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: |- LDAP server identifier in: path name: ldap-server-id required: true type: string - in: body name: DirectoryLdapServer required: true schema: $ref: '#/definitions/DirectoryLdapServer' - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/DirectoryLdapServer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a LDAP server for Firewall Identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - Ldap-Server x-vmw-nsx-module: PolicyIdentity post: consumes: - application/json description: |- The API tests a LDAP server connection for an already configured domain. If the connection is successful, the response will be HTTP status 200. Otherwise the response will be HTTP status 500 and corresponding error message will be returned. operationId: TestFirewallIdentityStoreLdapServer parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: |- LDAP server identifier in: path name: ldap-server-id required: true type: string - description: LDAP server test requested enum: - CONNECTIVITY in: query name: action required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': description: Internal Server Error '503': $ref: '#/responses/ServiceUnavailable' summary: |- Test a LDAP server connection for directory domain tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - LDAP Servers x-vmw-nsx-module: PolicyIdentity put: consumes: - application/json description: |- Update a LDAP server for Firewall Identity store operationId: CreateOrReplaceFirewallIdentityStoreLdapServer parameters: - description: |- Firewall Identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: |- LDAP server identifier in: path name: ldap-server-id required: true type: string - in: body name: DirectoryLdapServer required: true schema: $ref: '#/definitions/DirectoryLdapServer' - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryLdapServer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update a LDAP server for Firewall Identity store tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store - Ldap-Server x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-stores/{firewall-identity-store-id}/org-units: get: consumes: - application/json description: |- Fetch all organization units for a Firewall Identity Store. operationId: FetchFirewallIdentityStoreOrgUnitsForIdentityStore parameters: - description: |- Firewall Identity Store identifier in: path name: firewall-identity-store-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryOrgUnitListResults' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Fetch all organization units for a Firewall Identity Store. tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/firewall-identity-stores/{firewall-identity-store-id}/sync-stats: get: consumes: - application/json description: |- Get Firewall identity store sync statistics for the given identifier operationId: GetFirewallIdentityStoreSyncStats parameters: - description: |- Firewall identity store identifier in: path name: firewall-identity-store-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DirectoryDomainSyncStats' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Firewall identity store sync statistics for the given identifier tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/firewall-schedulers: get: consumes: - application/json description: | Get all PolicyFirewallSchedulers operationId: ListPolicyFirewallSchedulers parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSchedulerListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get PolicyFirewallSchedulers tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Scheduler x-vmw-nsx-module: PolicyFirewallScheduler /infra/firewall-schedulers/{firewall-scheduler-id}: delete: consumes: - application/json description: | Deletes the specified PolicyFirewallScheduler. If scheduler is consumed in a security policy, it won't get deleted. operationId: DeletePolicyFirewallScheduler parameters: - in: path name: firewall-scheduler-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Policy Firewall Scheduler tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Scheduler x-vmw-nsx-module: PolicyFirewallScheduler get: consumes: - application/json description: | Get a PolicyFirewallScheduler by id operationId: GetPolicyFirewallScheduler parameters: - in: path name: firewall-scheduler-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallScheduler' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get PolicyFirewallScheduler tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Scheduler x-vmw-nsx-module: PolicyFirewallScheduler patch: consumes: - application/json description: | Creates/Updates a PolicyFirewallScheduler, which can be set at security policy. Note that at least one property out of "days", "start_date", "time_interval", "end_date" is required if "recurring" field is true. Also "start_time" and "end_time" should not be present. And if "recurring" field is false then "start_date" and "end_date" is mandatory, "start_time" and "end_time" is optional. Also the fields "days" and "time_interval" should not be present. operationId: PatchPolicyFirewallScheduler parameters: - in: path name: firewall-scheduler-id required: true type: string - in: body name: PolicyFirewallScheduler required: true schema: $ref: '#/definitions/PolicyFirewallScheduler' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update PolicyFirewallScheduler tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Scheduler x-vmw-nsx-module: PolicyFirewallScheduler put: consumes: - application/json description: | Updates a PolicyFirewallScheduler, which can be set at security policy. Note that at least one property out of "days", "start_date", "time_interval", "end_date" is required if "recurring" field is true. Also "start_time" and "end_time" should not be present. And if "recurring" field is false then "start_date" and "end_date" is mandatory, "start_time" and "end_time" is optional. Also the fields "days" and "time_interval" should not be present. operationId: UpdatePolicyFirewallScheduler parameters: - in: path name: firewall-scheduler-id required: true type: string - in: body name: PolicyFirewallScheduler required: true schema: $ref: '#/definitions/PolicyFirewallScheduler' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallScheduler' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update PolicyFirewallScheduler tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Scheduler x-vmw-nsx-module: PolicyFirewallScheduler /infra/firewall-session-timer-profiles: get: consumes: - application/json description: |- API will list all Firewall Session Timer Profiles operationId: ListPolicyFirewallSessionTimerProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall Session Timer Profiles tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile /infra/firewall-session-timer-profiles/{firewall-session-timer-profile-id}: delete: consumes: - application/json description: |- API will delete Firewall Session Timer Profile operationId: DeletePolicyFirewallSessionTimerProfile parameters: - description: |- Firewall Session Timer Profile ID in: path name: firewall-session-timer-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Firewall Session Timer Profile tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile get: consumes: - application/json description: |- API will get Firewall Session Timer Profile operationId: GetPolicyFirewallSessionTimerProfile parameters: - description: |- Firewall Session Timer Profile ID in: path name: firewall-session-timer-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Firewall Session Timer Profile tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile patch: consumes: - application/json description: |- API will create/update Firewall Session Timer Profile operationId: PatchPolicyFirewallSessionTimerProfile parameters: - description: |- Firewall Session Timer Profile ID in: path name: firewall-session-timer-profile-id required: true type: string - in: body name: PolicyFirewallSessionTimerProfile required: true schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Firewall Session Timer Profile tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile put: consumes: - application/json description: |- API will update Firewall Session Timer Profile operationId: UpdatePolicyFirewallSessionTimerProfile parameters: - description: |- Firewall Session Timer Profile ID in: path name: firewall-session-timer-profile-id required: true type: string - in: body name: PolicyFirewallSessionTimerProfile required: true schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallSessionTimerProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Firewall Session Timer Profile tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile /infra/firewall/policies: get: consumes: - application/json description: | Get the list of policies filtered based on the given criteria. operationId: GetFilteredPolicies parameters: - description: Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Path of the parent object of the entities in: query name: parent_path required: false type: string - description: Scope filter criteria in: query name: scope required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get policies filtered based on the given criteria tags: - Policy - Security x-vmw-nsx-module: PolicyFirewallConfiguration /infra/firewall/rules: get: consumes: - application/json description: | Get the list of rules of given parent path of policy/section, filtered based on the given criteria. Parent path is mandatory. operationId: GetFilteredRules parameters: - description: Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Path of the parent object of the entities in: query name: parent_path required: false type: string - description: Scope filter criteria in: query name: scope required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get rules filtered based on the given criteria tags: - Policy - Security x-vmw-nsx-module: PolicyFirewallConfiguration /infra/flood-protection-profiles: get: consumes: - application/json description: |- API will list all Flood Protection Profiles operationId: ListFloodProtectionProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Flood Protection Profiles tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile /infra/flood-protection-profiles/{flood-protection-profile-id}: delete: consumes: - application/json description: |- API will delete Flood Protection Profile operationId: DeleteFloodProtectionProfile parameters: - description: |- Flood Protection Profile ID in: path name: flood-protection-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Flood Protection Profile tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile get: consumes: - application/json description: |- API will get Flood Protection Profile operationId: GetFloodProtectionProfile parameters: - description: |- Flood Protection Profile ID in: path name: flood-protection-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Flood Protection Profile tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile patch: consumes: - application/json description: |- API will create/update Flood Protection Profile operationId: PatchFloodProtectionProfile parameters: - description: |- Firewall Flood Protection Profile ID in: path name: flood-protection-profile-id required: true type: string - in: body name: FloodProtectionProfile required: true schema: $ref: '#/definitions/FloodProtectionProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Flood Protection Profile tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile put: consumes: - application/json description: |- API will update Firewall Flood Protection Profile operationId: UpdateFloodProtectionProfile parameters: - description: |- Flood Protection Profile ID in: path name: flood-protection-profile-id required: true type: string - in: body name: FloodProtectionProfile required: true schema: $ref: '#/definitions/FloodProtectionProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Firewall Flood Protection Profile tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile /infra/flood-protection-profiles/{flood-protection-profile-id}/bindings: get: consumes: - application/json description: |- API will list all Flood Protection Profiles bindings. operationId: ListFloodProtectionProfileBindings parameters: - in: path name: flood-protection-profile-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Flood Protection Profiles tags: - Policy - Security - Security Profiles - Flood Protection Profiles x-vmw-nsx-module: PolicyProfile /infra/full-sync-action: post: consumes: - application/json description: |- Performs realized object actions specified in the action. operationId: FullSyncActions parameters: - enum: - request_full_sync - request_notifications_full_sync - abort_current_sync - purge_history in: query name: action required: true type: string - description: Type of full sync being requested enum: - gm_to_lm_full_sync in: query name: sync_type required: false type: string responses: '200': description: OK '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Performs realized object actions specified in the action. tags: - Federation - Full Synchronization x-vmw-nsx-module: PolicyFullSync /infra/full-sync-states: get: consumes: - application/json description: |- List full sync state. operationId: ListFullSyncStates parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FullSyncStateListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List full sync states tags: - Federation - Full Synchronization x-vmw-nsx-module: PolicyFullSync /infra/full-sync-states/{full-sync-id}: get: consumes: - application/json description: |- Get full sync state. operationId: GetFullSyncStates parameters: - in: path name: full-sync-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FullSyncState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get full sync state tags: - Federation - Full Synchronization x-vmw-nsx-module: PolicyFullSync /infra/gateway-qos-profiles: get: consumes: - application/json description: | Paginated list of all gateway QoS profle instances operationId: ListGatewayQosProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayQosProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all gateway QoS profiles tags: - Policy - Networking - Networking Profiles - Gateway QOS Profiles x-vmw-nsx-module: PolicyConnectivity /infra/gateway-qos-profiles/{qos-profile-id}: delete: consumes: - application/json description: |- Delete QoS profile operationId: DeleteGatewayQosProfile parameters: - in: path name: qos-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete gateway QoS profile tags: - Policy - Networking - Networking Profiles - Gateway QOS Profiles x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read gateway QoS profile operationId: ReadGatewayQosProfile parameters: - in: path name: qos-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayQosProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read gateway QoS profile tags: - Policy - Networking - Networking Profiles - Gateway QOS Profiles x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If profile with the qos-profile-id is not already present, create a new gateway QoS profile instance. If it already exists, update the gateway QoS profile instance with specified attributes. operationId: PatchGatewayQosProfile parameters: - in: path name: qos-profile-id required: true type: string - in: body name: GatewayQosProfile required: true schema: $ref: '#/definitions/GatewayQosProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Gateway QoS profile tags: - Policy - Networking - Networking Profiles - Gateway QOS Profiles x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If profile with the qos-profile-id is not already present, create a new gateway QoS profile instance. If it already exists, replace the gateway QoS profile instance with this object. operationId: CreateOrReplaceGatewayQosProfile parameters: - in: path name: qos-profile-id required: true type: string - in: body name: GatewayQosProfile required: true schema: $ref: '#/definitions/GatewayQosProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayQosProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Gateway QoS profile tags: - Policy - Networking - Networking Profiles - Gateway QOS Profiles x-vmw-nsx-module: PolicyConnectivity /infra/global-config: get: consumes: - application/json description: | This rest routine is deprecated. Use /infra/connectivity-global-config for Connectivity global config and /infra/ops-global-config for Operations global config. Read global configuration. operationId: ReadGlobalConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GlobalConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read global configuration tags: - Policy - Networking - Networking Profiles - Global Gateway Configuration x-vmw-nsx-module: Policy patch: consumes: - application/json description: | This rest routine is deprecated. Use /infra/connectivity-global-config for Connectivity global config and /infra/ops-global-config for Operations global config. Update the global configuration. operationId: PatchGlobalConfig parameters: - in: body name: GlobalConfig required: true schema: $ref: '#/definitions/GlobalConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the global configuration tags: - Policy - Networking - Networking Profiles - Global Gateway Configuration x-vmw-nsx-module: Policy put: consumes: - application/json description: | This rest routine is deprecated. Use /infra/connectivity-global-config for Connectivity global config and /infra/ops-global-config for Operations global config. Update the global configuration. operationId: UpdateGlobalConfig parameters: - in: body name: GlobalConfig required: true schema: $ref: '#/definitions/GlobalConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GlobalConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the global configuration tags: - Policy - Networking - Networking Profiles - Global Gateway Configuration x-vmw-nsx-module: Policy /infra/group-associations: get: consumes: - application/json description: | Get policy groups for which the given object is a member. In Federation environment, if the given object is a global entity (eg: global segment) and if the entity is not stretched to the site specified in the enforcement_point_path parameter,then the following is returned:- 1)If the entity is a member of any global group and that group is stretched to the enforcement_point_path site,then the API returns an empty list. 2)If the entity is not a member of any global group,this API returns an 'invalid path' error message. 3)If both the entity and its corresponding groups are stretched to the enforcement_point_path site , then the API returns the groups list. operationId: GetGroupsForObject parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: String path of the intent object in: query name: intent_path required: true type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get groups for which the given object is a member tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/group-service-associations: get: consumes: - application/json description: | The API returns all the services associated with the given Group. It also returns the services associated with the parent groups of the given group. operationId: GetPolicyGroupServiceAssociations parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Path of the entity in: query name: intent_path required: true type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of services where the given group is consumed. tags: - Policy x-vmw-nsx-module: PolicyGroupRealization /infra/host-switch-profiles: get: consumes: - application/json description: | Returns information about the configured hostswitch profiles. Hostswitch profiles define networking policies for hostswitches (sometimes referred to as bridges in OVS). Currently, following profiles are supported. UplinkHostSwitchProfile, LldpHostSwitchProfile, NiocProfile & ExtraConfigHostSwitchProfile. Uplink profile - teaming defined in this profile allows NSX to load balance traffic across different physical NICs (PNICs) on the hypervisor hosts. Multiple teaming policies are supported, including LACP active, LACP passive, load balancing based on source ID, and failover order. Lldp profile - Enable or disable sending LLDP packets NiocProfile - Network I/O Control settings: defines limits, shares and reservations for various host traffic types. ExtraConfig - Vendor specific configuration on HostSwitch, logical switch or logical port operationId: ListPolicyHostSwitchProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Supported edge deployment type. enum: - VIRTUAL_MACHINE - PHYSICAL_MACHINE - UNKNOWN in: query name: deployment_type required: false type: string - description: Supported HostSwitch profiles. enum: - PolicyUplinkHostSwitchProfile - PolicyLldpHostSwitchProfile - PolicyNiocProfile - PolicyExtraConfigHostSwitchProfile in: query name: hostswitch_profile_type required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Whether the list result contains system resources in: query name: include_system_owned required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Filter uplink profiles by number of active links in teaming policy. format: int32 in: query name: max_active_uplink_count required: false type: integer - description: Fabric node type for which uplink profiles are to be listed enum: - EdgeNode - PublicCloudGatewayNode in: query name: node_type required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: The host switch profile's uplink teaming policy name in: query name: uplink_teaming_policy_name required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyHostSwitchProfilesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Hostswitch Profiles tags: - System Administration - Configuration - Fabric - Profiles - Hostswitch Profiles x-vmw-nsx-module: PolicyBaseHostSwitchProfile /infra/host-switch-profiles/{host-switch-profile-id}: delete: consumes: - application/json description: |- Deletes a specified hostswitch profile. operationId: DeletePolicyHostSwitchProfile parameters: - in: path name: host-switch-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a Hostswitch Profile tags: - System Administration - Configuration - Fabric - Profiles - Hostswitch Profiles x-vmw-nsx-module: PolicyBaseHostSwitchProfile get: consumes: - application/json description: |- Returns information about a specified hostswitch profile. operationId: GetPolicyHostSwitchProfile parameters: - in: path name: host-switch-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyBaseHostSwitchProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get a Hostswitch Profile by ID tags: - System Administration - Configuration - Fabric - Profiles - Hostswitch Profiles x-vmw-nsx-module: PolicyBaseHostSwitchProfile patch: consumes: - application/json description: | Patch a hostswitch profile. The resource_type is required and needs to be one of the following, UplinkHostSwitchProfile, LldpHostSwitchProfile, NiocProfile & ExtraConfigHostSwitchProfile. Uplink profile - For uplink profiles, the teaming and policy parameters are required. By default, the mtu is 1600 and the transport_vlan is 0. The supported MTU range is 1280 through (uplink_mtu_threshold). uplink_mtu_threshold is 9000 by default. Range can be extended by modifying (uplink_mtu_threshold) in SwitchingGlobalConfig to the required upper threshold. Teaming defined in this profile allows NSX to load balance traffic across different physical NICs (PNICs) on the hypervisor hosts. Multiple teaming policies are supported, including LACP active, LACP passive, load balancing based on source ID, and failover order. Lldp profile - Enable or disable sending LLDP packets NiocProfile - Network I/O Control settings: defines limits, shares and reservations for various host traffic types. ExtraConfig - Vendor specific configuration on HostSwitch, logical switch or logical port operationId: PatchPolicyHostSwitchProfile parameters: - in: path name: host-switch-profile-id required: true type: string - in: body name: PolicyBaseHostSwitchProfile required: true schema: $ref: '#/definitions/PolicyBaseHostSwitchProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyBaseHostSwitchProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Hostswitch Profile tags: - System Administration - Configuration - Fabric - Profiles - Hostswitch Profiles x-vmw-nsx-module: PolicyBaseHostSwitchProfile put: consumes: - application/json description: | Create or update a hostswitch profile. The resource_type is required and needs to be one of the following, UplinkHostSwitchProfile, LldpHostSwitchProfile, NiocProfile & ExtraConfigHostSwitchProfile. Uplink profile - For uplink profiles, the teaming and policy parameters are required. By default, the mtu is 1600 and the transport_vlan is 0. The supported MTU range is 1280 through (uplink_mtu_threshold). uplink_mtu_threshold is 9000 by default. Range can be extended by modifying (uplink_mtu_threshold) in SwitchingGlobalConfig to the required upper threshold. Teaming defined in this profile allows NSX to load balance traffic across different physical NICs (PNICs) on the hypervisor hosts. Multiple teaming policies are supported, including LACP active, LACP passive, load balancing based on source ID, and failover order. Lldp profile - Enable or disable sending LLDP packets NiocProfile - Network I/O Control settings: defines limits, shares and reservations for various host traffic types. ExtraConfig - Vendor specific configuration on HostSwitch, logical switch or logical port operationId: CreateOrUpdatePolicyHostSwitchProfile parameters: - in: path name: host-switch-profile-id required: true type: string - in: body name: PolicyBaseHostSwitchProfile required: true schema: $ref: '#/definitions/PolicyBaseHostSwitchProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyBaseHostSwitchProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Hostswitch Profile tags: - System Administration - Configuration - Fabric - Profiles - Hostswitch Profiles x-vmw-nsx-module: PolicyBaseHostSwitchProfile /infra/host-transport-node-profiles: get: consumes: - application/json description: | Returns information about all host transport node profiles. operationId: ListPolicyHostTransportNodeProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyHostTransportNodeProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Host Transport Nodes tags: - System Administration - Configuration - Fabric - Profiles - Host Transport Node Profiles x-vmw-nsx-module: PolicyHostTransportNodeProfile /infra/host-transport-node-profiles/{host-transport-node-profile-id}: get: consumes: - application/json description: |- Returns information about a specified host transport node profile. operationId: GetPolicyHostTransportNodeProfile parameters: - in: path name: host-transport-node-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyHostTransportNodeProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get a Transport Node tags: - System Administration - Configuration - Fabric - Profiles - Host Transport Node Profiles x-vmw-nsx-module: PolicyHostTransportNodeProfile /infra/host-transport-node-profiles/{transport-node-profile-id}: delete: consumes: - application/json description: | Deletes the specified host transport node profile. A host transport node profile can be deleted only when it is not attached to any compute collection. operationId: DeletePolicyHostTransportNodeProfile parameters: - in: path name: transport-node-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a Host Transport Node Profile tags: - System Administration - Configuration - Fabric - Profiles - Host Transport Node Profiles x-vmw-nsx-module: PolicyHostTransportNodeProfile put: consumes: - application/json description: | Host transport node profile captures the configuration needed to create a host transport node. A host transport node profile can be attached to compute collections for automatic host transport node creation of member hosts. When configurations of a host transport node profile(TNP) are updated, all the host transport nodes in all the compute collections to which this TNP is attached are updated to reflect the updated configuration. operationId: CreateOrUpdatePolicyHostTransportNodeProfile parameters: - in: path name: transport-node-profile-id required: true type: string - in: body name: PolicyHostTransportNodeProfile required: true schema: $ref: '#/definitions/PolicyHostTransportNodeProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyHostTransportNodeProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update a Host Transport Node Profile tags: - System Administration - Configuration - Fabric - Profiles - Host Transport Node Profiles x-vmw-nsx-module: PolicyHostTransportNodeProfile /infra/igmp-profiles: get: consumes: - application/json description: | List all igmp profile. operationId: ListPolicyIgmpProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIgmpProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Igmp Profile tags: - Policy - Networking - Networking Profiles - Multicast Profiles x-vmw-nsx-module: PolicyMulticast /infra/igmp-profiles/{igmp-profile-id}: delete: consumes: - application/json description: |- Delete Igmp Profile. operationId: DeletePolicyIgmpProfile parameters: - description: |- igmp profile id in: path name: igmp-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Igmp Profile tags: - Policy - Networking - Networking Profiles - Multicast Profiles x-vmw-nsx-module: PolicyMulticast get: consumes: - application/json description: | Read Igmp Profile. operationId: ReadPolicyIgmpProfile parameters: - description: |- igmp profile id in: path name: igmp-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIgmpProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Igmp Profile tags: - Policy - Networking - Networking Profiles - Multicast Profiles x-vmw-nsx-module: PolicyMulticast patch: consumes: - application/json description: | Create a igmp profile with the igmp-profile-id is not already present, otherwise update the igmp profile. operationId: PatchPolicyIgmpProfile parameters: - description: |- igmp profile id in: path name: igmp-profile-id required: true type: string - in: body name: PolicyIgmpProfile required: true schema: $ref: '#/definitions/PolicyIgmpProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update igmp profile tags: - Policy - Networking - Networking Profiles - Multicast Profiles x-vmw-nsx-module: PolicyMulticast put: consumes: - application/json description: | Create or update igmp profile. operationId: CreateOrUpdatePolicyIgmpProfile parameters: - description: |- igmp profile id in: path name: igmp-profile-id required: true type: string - in: body name: PolicyIgmpProfile required: true schema: $ref: '#/definitions/PolicyIgmpProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIgmpProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update igmp profile tags: - Policy - Networking - Networking Profiles - Multicast Profiles x-vmw-nsx-module: PolicyMulticast /infra/ip-address-group-associations: get: consumes: - application/json description: | Get policy groups for which the given IP address is a member. operationId: GetGroupsForIPAddress parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress in: query name: ip_address required: true type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get groups for which the given IP address is a member tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/ip-blocks: get: consumes: - application/json description: | Paginated list of IpAddressBlocks. operationId: ListIpAddressBlocks parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressBlockListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IpAddressBlocks tags: - Policy - Networking - IP Management - IP Address Pools - IP Blocks x-vmw-nsx-module: PolicyIpam /infra/ip-blocks/{ip-block-id}: delete: consumes: - application/json description: | Delete the IpAddressBlock with the given id. operationId: DeleteIpAddressBlock parameters: - in: path name: ip-block-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete an IpAddressBlock tags: - Policy - Networking - IP Management - IP Address Pools - IP Blocks x-vmw-nsx-module: PolicyIpam get: consumes: - application/json description: | Read IpAddressBlock with given Id. operationId: ReadIpAddressBlock parameters: - in: path name: ip-block-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressBlock' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a IpAddressBlock tags: - Policy - Networking - IP Management - IP Address Pools - IP Blocks x-vmw-nsx-module: PolicyIpam patch: consumes: - application/json description: | Creates a new IpAddressBlock with specified ID if not already present. If IpAddressBlock of given ID is already present, then the instance is updated with specified attributes. operationId: CreateOrPatchIpAddressBlock parameters: - in: path name: ip-block-id required: true type: string - in: body name: IpAddressBlock required: true schema: $ref: '#/definitions/IpAddressBlock' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a new IPBlock tags: - Policy - Networking - IP Management - IP Address Pools - IP Blocks x-vmw-nsx-module: PolicyIpam put: consumes: - application/json description: | Create a new IpAddressBlock with given ID if it does not exist. If IpAddressBlock with given ID already exists, it will update existing instance. This is a full replace. operationId: CreateOrReplaceIpAddressBlock parameters: - in: path name: ip-block-id required: true type: string - in: body name: IpAddressBlock required: true schema: $ref: '#/definitions/IpAddressBlock' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressBlock' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace IpAddressBlock tags: - Policy - Networking - IP Management - IP Address Pools - IP Blocks x-vmw-nsx-module: PolicyIpam /infra/ip-discovery-profiles: get: consumes: - application/json description: | API will list all IP Discovery Profiles active in current discovery profile id. operationId: GetIPDiscoveryProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPDiscoveryProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IP Discovery Profiles tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery /infra/ip-discovery-profiles/{ip-discovery-profile-id}: delete: consumes: - application/json description: | API will delete IP Discovery profile. operationId: DeleteIPDiscoveryProfile parameters: - description: |- IP Discovery Profile ID in: path name: ip-discovery-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IP Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery get: consumes: - application/json description: | API will get IP Discovery profile. operationId: GetIPDiscoveryProfile parameters: - description: |- IP Discovery Profile ID in: path name: ip-discovery-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPDiscoveryProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IP Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery patch: consumes: - application/json description: | API will create IP Discovery profile. operationId: CreateIPDiscoveryProfile parameters: - description: |- IP Discovery Profile ID in: path name: ip-discovery-profile-id required: true type: string - in: body name: IPDiscoveryProfile required: true schema: $ref: '#/definitions/IPDiscoveryProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create IP Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery put: consumes: - application/json description: | API will update IP Discovery profile. operationId: UpdateIPDiscoveryProfile parameters: - description: |- IP Discovery Profile ID in: path name: ip-discovery-profile-id required: true type: string - in: body name: IPDiscoveryProfile required: true schema: $ref: '#/definitions/IPDiscoveryProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPDiscoveryProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update IP Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery /infra/ip-pools: get: consumes: - application/json description: | Paginated list of IpAddressPools. operationId: ListIpAddressPools parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressPoolListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IpAddressPools tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam /infra/ip-pools/{ip-pool-id}: delete: consumes: - application/json description: | Delete the IpAddressPool with the given id. operationId: DeleteIpAddressPool parameters: - in: path name: ip-pool-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete an IpAddressPool tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam get: consumes: - application/json description: | Read IpAddressPool with given Id. operationId: ReadIpAddressPool parameters: - in: path name: ip-pool-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressPool' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read an IpAddressPool tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam patch: consumes: - application/json description: | Creates a new IpAddressPool with specified ID if not already present. If IpAddressPool of given ID is already present, then the instance is updated. This is a full replace. operationId: CreateOrPatchIpAddressPool parameters: - in: path name: ip-pool-id required: true type: string - in: body name: IpAddressPool required: true schema: $ref: '#/definitions/IpAddressPool' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a new IP address pool tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam put: consumes: - application/json description: | Create a new IpAddressPool with given ID if it does not exist. If IpAddressPool with given ID already exists, it will update existing instance. This is a full replace. operationId: CreateOrReplaceIpAddressPool parameters: - in: path name: ip-pool-id required: true type: string - in: body name: IpAddressPool required: true schema: $ref: '#/definitions/IpAddressPool' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressPool' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace IpAddressPool tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam /infra/ip-pools/{ip-pool-id}/ip-allocations: get: consumes: - application/json description: | Returns information about which addresses have been allocated from a specified IP address pool in policy. operationId: ListIpAddressPoolAllocations parameters: - in: path name: ip-pool-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressAllocationListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IpAddressPool Allocations tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam /infra/ip-pools/{ip-pool-id}/ip-allocations/{ip-allocation-id}: delete: consumes: - application/json description: | Releases the IP that was allocated for this allocation request operationId: DeleteIpAddressPoolAllocation parameters: - in: path name: ip-pool-id required: true type: string - in: path name: ip-allocation-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Records intent to release an IP from an IpPool. tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam get: consumes: - application/json description: | Read a previously created allocation operationId: ReadIpAddressPoolAllocation parameters: - in: path name: ip-pool-id required: true type: string - in: path name: ip-allocation-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressAllocation' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read policy IpPool allocation tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam patch: consumes: - application/json description: | If allocation of the same ID is found, this is a no-op. If no allocation of the specified ID is found, then a new allocation is created. An allocation cannot be updated once created. When an allocation is requested from an IpAddressPool, the IP could be allocated from any subnet in the pool that has the available capacity. Request to allocate an IP will fail if no subnet was previously created. If specific IP was requested, the status of allocation is reflected in the realized state. If any IP is requested, the IP finally allocated is obtained by polling on the realized state until the allocated IP is returned in the extended attributes. operationId: CreateOrPatchIpAddressPoolAllocation parameters: - in: path name: ip-pool-id required: true type: string - in: path name: ip-allocation-id required: true type: string - in: body name: IpAddressAllocation required: true schema: $ref: '#/definitions/IpAddressAllocation' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Records intent to allocate an IP Address from an IP Pool tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam put: consumes: - application/json description: | If allocation of the same ID is found, this is a no-op. If no allocation of the specified ID is found, then a new allocation is created. An allocation cannot be updated once created. When an IP allocation is requested from an IpAddressPool, the IP could be allocated from any subnet in the pool that has the available capacity. Request to allocate an IP will fail if no subnet was previously created. If specific IP was requested, the status of allocation is reflected in the realized state. If any IP is requested, the IP finally allocated is obtained by polling on the realized state until the allocated IP is returned in the extended attributes. An allocation cannot be updated once created. operationId: CreateOrReplaceIpAddressPoolAllocation parameters: - in: path name: ip-pool-id required: true type: string - in: path name: ip-allocation-id required: true type: string - in: body name: IpAddressAllocation required: true schema: $ref: '#/definitions/IpAddressAllocation' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressAllocation' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Records intent to allocate an IP Address from an IP Pool tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam /infra/ip-pools/{ip-pool-id}/ip-subnets: get: consumes: - application/json description: | Paginated list of IpAddressPoolSubnets. operationId: ListIpAddressPoolSubnets parameters: - in: path name: ip-pool-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressPoolSubnetListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IpAddressPoolSubnets tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam /infra/ip-pools/{ip-pool-id}/ip-subnets/{ip-subnet-id}: delete: consumes: - application/json description: | Delete the IpAddressPoolSubnet with the given id. operationId: DeleteIpAddressPoolSubnet parameters: - in: path name: ip-pool-id required: true type: string - in: path name: ip-subnet-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete an IpAddressPoolSubnet tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam get: consumes: - application/json description: | Read IpAddressPoolSubnet with given Id. operationId: ReadIpAddressPoolSubnet parameters: - in: path name: ip-pool-id required: true type: string - in: path name: ip-subnet-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressPoolSubnet' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read an IpAddressPoolSubnet tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam patch: consumes: - application/json description: | Creates a new IpAddressPoolSubnet with the specified ID if it does not already exist. If a IpAddressPoolSubnet of the given ID already exists, IpAddressPoolSubnet will be updated. This is a full replace. operationId: CreateOrPatchIpAddressPoolSubnet parameters: - in: path name: ip-pool-id required: true type: string - in: path name: ip-subnet-id required: true type: string - in: body name: IpAddressPoolSubnet required: true schema: $ref: '#/definitions/IpAddressPoolSubnet' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a new IP Subnet tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam put: consumes: - application/json description: | Creates a new IpAddressPoolSubnet with the specified ID if it does not already exist. If a IpAddressPoolSubnet of the given ID already exists, IpAddressPoolSubnet will be updated. This is a full replace. operationId: CreateOrReplaceIpAddressPoolSubnet parameters: - in: path name: ip-pool-id required: true type: string - in: path name: ip-subnet-id required: true type: string - in: body name: IpAddressPoolSubnet required: true schema: $ref: '#/definitions/IpAddressPoolSubnet' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressPoolSubnet' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a new IP Subnet tags: - Policy - Networking - IP Management - IP Address Pools - IP Pools x-vmw-nsx-module: PolicyIpam /infra/ipfix-dfw-collector-profiles: get: consumes: - application/json description: | API will provide list of all IPFIX dfw collector profiles and their details. operationId: ListIPFIXDFWCollectorProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWCollectorProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IPFIX Collector profiles. tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXDFW /infra/ipfix-dfw-collector-profiles/{ipfix-dfw-collector-profile-id}: delete: consumes: - application/json description: | API deletes IPFIX dfw collector profile. Flow forwarding to collector will be stopped. operationId: DeleteIPFIXDFWCollectorProfile parameters: - description: |- IPFIX dfw collector Profile id in: path name: ipfix-dfw-collector-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPFIX dfw Collector profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXDFW get: consumes: - application/json description: | API will return details of IPFIX dfw collector profile. If profile does not exist, it will return 404. operationId: ReadIPFIXDFWCollectorProfile parameters: - description: |- IPFIX dfw collector profile id in: path name: ipfix-dfw-collector-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWCollectorProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPFIX dfw Collector profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXDFW patch: consumes: - application/json description: | Create a new IPFIX dfw collector profile if the IPFIX dfw collector profile with given id does not already exist. If the IPFIX dfw collector profile with the given id already exists, patch with the existing IPFIX dfw collector profile. operationId: PatchIPFIXDFWCollectorProfile parameters: - in: path name: ipfix-dfw-collector-profile-id required: true type: string - in: body name: IPFIXDFWCollectorProfile required: true schema: $ref: '#/definitions/IPFIXDFWCollectorProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- IPFIX dfw collector profile id tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXDFW put: consumes: - application/json description: | Create or Replace IPFIX dfw collector profile. IPFIX data will be sent to IPFIX collector port. operationId: CreateOrReplaceIPFIXDFWCollectorProfile parameters: - description: |- IPFIX dfw collector profile id in: path name: ipfix-dfw-collector-profile-id required: true type: string - in: body name: IPFIXDFWCollectorProfile required: true schema: $ref: '#/definitions/IPFIXDFWCollectorProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWCollectorProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace IPFIX dfw collector profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXDFW /infra/ipfix-dfw-profiles: get: consumes: - application/json description: | API provides list IPFIX DFW profiles available on selected logical DFW. operationId: ListIPFIXDFWProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IPFIX DFW Profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXDFW /infra/ipfix-dfw-profiles/{ipfix-dfw-profile-id}: delete: consumes: - application/json description: | API deletes IPFIX DFW Profile. Selected IPFIX Collectors will stop receiving flows. operationId: DeleteIPFIXDFWProfile parameters: - description: |- IPFIX DFW Profile ID in: path name: ipfix-dfw-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPFIX DFW Profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXDFW get: consumes: - application/json description: | API will return details of IPFIX DFW profile. operationId: ReadIPFIXDFWProfile parameters: - description: |- IPFIX DFW collection id in: path name: ipfix-dfw-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPFIX DFW Profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXDFW patch: consumes: - application/json description: | Create a new IPFIX DFW profile if the IPFIX DFW profile with given id does not already exist. If the IPFIX DFW profile with the given id already exists, patch with the existing IPFIX DFW profile. operationId: PatchIPFIXDFWProfile parameters: - description: |- IPFIX DFW Profile ID in: path name: ipfix-dfw-profile-id required: true type: string - in: body name: IPFIXDFWProfile required: true schema: $ref: '#/definitions/IPFIXDFWProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IPFIX DFW profile tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXDFW put: consumes: - application/json description: | Create or replace IPFIX DFW profile. Config will start forwarding data to provided IPFIX DFW collector. operationId: CreateOrReplaceIPFIXDFWProfile parameters: - description: |- IPFIX DFW Profile ID in: path name: ipfix-dfw-profile-id required: true type: string - in: body name: IPFIXDFWProfile required: true schema: $ref: '#/definitions/IPFIXDFWProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXDFWProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace IPFIX DFW collection Config. tags: - Policy - Monitoring - IPFIX - Firewall IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXDFW /infra/ipfix-l2-collector-profiles: get: consumes: - application/json description: | API will provide list of all IPFIX collector profiles and their details. operationId: ListIPFIXL2CollectorProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2CollectorProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IPFIX Collector profiles. tags: - Policy - Monitoring - IPFIX - Switch IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXSwitch /infra/ipfix-l2-collector-profiles/{ipfix-l2-collector-profile-id}: delete: consumes: - application/json description: | API deletes IPFIX collector profile. Flow forwarding to collector will be stopped. operationId: DeleteIPFIXL2CollectorProfile parameters: - description: |- IPFIX collector Profile id in: path name: ipfix-l2-collector-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPFIX Collector profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXSwitch get: consumes: - application/json description: | API will return details of IPFIX collector profile. operationId: ReadIPFIXL2CollectorProfile parameters: - description: |- IPFIX collector profile id in: path name: ipfix-l2-collector-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2CollectorProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPFIX Collector profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXSwitch patch: consumes: - application/json description: | Create a new IPFIX collector profile if the IPFIX collector profile with given id does not already exist. If the IPFIX collector profile with the given id already exists, patch with the existing IPFIX collector profile. operationId: PatchIPFIXL2CollectorProfile parameters: - description: |- IPFIX collector profile id in: path name: ipfix-l2-collector-profile-id required: true type: string - in: body name: IPFIXL2CollectorProfile required: true schema: $ref: '#/definitions/IPFIXL2CollectorProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IPFIX collector profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXSwitch put: consumes: - application/json description: | Create or Replace IPFIX collector profile. IPFIX data will be sent to IPFIX collector. operationId: CreateOrReplaceIPFIXL2CollectorProfile parameters: - description: |- IPFIX collector profile id in: path name: ipfix-l2-collector-profile-id required: true type: string - in: body name: IPFIXL2CollectorProfile required: true schema: $ref: '#/definitions/IPFIXL2CollectorProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2CollectorProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace IPFIX collector profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Collectors x-vmw-nsx-module: PolicyIPFIXSwitch /infra/ipfix-l2-profiles: get: consumes: - application/json description: | API provides list IPFIX L2 Profiles available on selected logical l2. operationId: ListIPFIXL2Profiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2ProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IPFIX L2 Profiles tags: - Policy - Monitoring - IPFIX - Switch IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXSwitch /infra/ipfix-l2-profiles/{ipfix-l2-profile-id}: delete: consumes: - application/json description: | API deletes IPFIX L2 Profile. Flow forwarding to selected collector will be stopped. operationId: DeleteIPFIXL2Profile parameters: - description: |- IPFIX L2 Profile ID in: path name: ipfix-l2-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPFIX L2 Profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXSwitch get: consumes: - application/json description: | API will return details of IPFIX L2 profile. operationId: ReadIPFIXL2Profile parameters: - description: |- IPFIX L2 profile id in: path name: ipfix-l2-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2Profile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPFIX L2 Profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXSwitch patch: consumes: - application/json description: | Create a new IPFIX L2 profile if the IPFIX L2 profile with given id does not already exist. If the IPFIX L2 profile with the given id already exists, patch with the existing IPFIX L2 profile. operationId: PatchIPFIXL2Profile parameters: - description: |- IPFIX L2 Profile ID in: path name: ipfix-l2-profile-id required: true type: string - in: body name: IPFIXL2Profile required: true schema: $ref: '#/definitions/IPFIXL2Profile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IPFIX L2profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXSwitch put: consumes: - application/json description: | Create or replace IPFIX L2 Profile. Profile is reusable entity. Single profile can attached multiple bindings e.g group, segment and port. operationId: CreateOrReplaceIPFIXL2Profile parameters: - description: |- IPFIX L2 Profile ID in: path name: ipfix-l2-profile-id required: true type: string - in: body name: IPFIXL2Profile required: true schema: $ref: '#/definitions/IPFIXL2Profile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPFIXL2Profile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace IPFIX L2 profile tags: - Policy - Monitoring - IPFIX - Switch IPFIX Profiles x-vmw-nsx-module: PolicyIPFIXSwitch /infra/ipsec-vpn-dpd-profiles: get: consumes: - application/json description: |- Get paginated list of all DPD Profiles. operationId: ListIPSecVpnDpdProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnDpdProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List DPD profiles tags: - Policy - Networking - Network Services - VPN - IPSEC - DPD Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/ipsec-vpn-dpd-profiles/{dpd-profile-id}: delete: consumes: - application/json description: |- Delete custom dead peer detection (DPD) profile. Profile can not be deleted if profile has references to it. operationId: DeleteIPSecVpnDpdProfile parameters: - in: path name: dpd-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete custom dead peer detection (DPD) profile tags: - Policy - Networking - Network Services - VPN - IPSEC - DPD Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn get: consumes: - application/json description: |- Get custom dead peer detection (DPD) profile, given the particular id. operationId: GetIPSecVpnDpdProfile parameters: - in: path name: dpd-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnDpdProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get dead peer detection (DPD) profile tags: - Policy - Networking - Network Services - VPN - IPSEC - DPD Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn patch: consumes: - application/json description: |- Create or patch dead peer detection (DPD) profile. Any change in profile affects all sessions consuming this profile. System will be provisioned with system owned editable default DPD profile. Any change in profile affects all sessions consuming this profile. operationId: CreateOrPatchIPSecVpnDpdProfile parameters: - in: path name: dpd-profile-id required: true type: string - in: body name: IPSecVpnDpdProfile required: true schema: $ref: '#/definitions/IPSecVpnDpdProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch a custom DPD Profile tags: - Policy - Networking - Network Services - VPN - IPSEC - DPD Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn put: consumes: - application/json description: |- Create or patch dead peer detection (DPD) profile. Any change in profile affects all sessions consuming this profile. System will be provisioned with system owned editable default DPD profile. Any change in profile affects all sessions consuming this profile. Revision is optional for creation and required for update. operationId: CreateOrUpdateIPSecVpnDpdProfile parameters: - in: path name: dpd-profile-id required: true type: string - in: body name: IPSecVpnDpdProfile required: true schema: $ref: '#/definitions/IPSecVpnDpdProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnDpdProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace a custom IPSec tunnel Profile tags: - Policy - Networking - Network Services - VPN - IPSEC - DPD Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/ipsec-vpn-ike-profiles: get: consumes: - application/json description: |- Get paginated list of all IKE Profiles. operationId: ListIPSecVpnIkeProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnIkeProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IKE profiles tags: - Policy - Networking - Network Services - VPN - IPSEC - IKE Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/ipsec-vpn-ike-profiles/{ike-profile-id}: delete: consumes: - application/json description: |- Delete custom IKE Profile. Profile can not be deleted if profile has references to it. operationId: DeleteIPSecVpnIkeProfile parameters: - in: path name: ike-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete custom IKE Profile tags: - Policy - Networking - Network Services - VPN - IPSEC - IKE Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn get: consumes: - application/json description: |- Get custom IKE Profile, given the particular id. operationId: GetIPSecVpnIkeProfile parameters: - in: path name: ike-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnIkeProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IKE Profile tags: - Policy - Networking - Network Services - VPN - IPSEC - IKE Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn patch: consumes: - application/json description: |- Create or patch custom internet key exchange (IKE) Profile. IKE Profile is a reusable profile that captures IKE and phase one negotiation parameters. System will be pre provisioned with system owned editable default IKE profile and suggested set of profiles that can be used for peering with popular remote peers like AWS VPN. User can create custom profiles as needed. Any change in profile affects all sessions consuming this profile. operationId: CreateOrPatchIPSecVpnIkeProfile parameters: - in: path name: ike-profile-id required: true type: string - in: body name: IPSecVpnIkeProfile required: true schema: $ref: '#/definitions/IPSecVpnIkeProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch a custom internet key exchange (IKE) Profile tags: - Policy - Networking - Network Services - VPN - IPSEC - IKE Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn put: consumes: - application/json description: |- Create or fully replace custom internet key exchange (IKE) Profile. IKE Profile is a reusable profile that captures IKE and phase one negotiation parameters. System will be pre provisioned with system owned editable default IKE profile and suggested set of profiles that can be used for peering with popular remote peers like AWS VPN. User can create custom profiles as needed. Any change in profile affects all sessions consuming this profile. Revision is optional for creation and required for update. operationId: CreateOrUpdateIPSecVpnIkeProfile parameters: - in: path name: ike-profile-id required: true type: string - in: body name: IPSecVpnIkeProfile required: true schema: $ref: '#/definitions/IPSecVpnIkeProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnIkeProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace a custom internet key exchange (IKE) Profile tags: - Policy - Networking - Network Services - VPN - IPSEC - IKE Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/ipsec-vpn-tunnel-profiles: get: consumes: - application/json description: |- Get paginated list of all IPSec tunnel Profiles. operationId: ListIPSecVpnTunnelProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnTunnelProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IPSec tunnel profiles tags: - Policy - Networking - Network Services - VPN - IPSEC - IPSEC Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/ipsec-vpn-tunnel-profiles/{tunnel-profile-id}: delete: consumes: - application/json description: |- Delete custom IPSec tunnel Profile. Profile can not be deleted if profile has references to it. operationId: DeleteIPSecVpnTunnelProfile parameters: - in: path name: tunnel-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete custom IPSec tunnel Profile tags: - Policy - Networking - Network Services - VPN - IPSEC - IPSEC Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn get: consumes: - application/json description: |- Get custom IPSec tunnel Profile, given the particular id. operationId: GetIPSecVpnTunnelProfile parameters: - in: path name: tunnel-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnTunnelProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec tunnel Profile tags: - Policy - Networking - Network Services - VPN - IPSEC - IPSEC Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn patch: consumes: - application/json description: |- Create or patch custom IPSec tunnel profile. IPSec tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. System will be provisioned with system owned editable default IPSec tunnel profile. Any change in profile affects all sessions consuming this profile. operationId: CreateOrPatchIPSecVpnTunnelProfile parameters: - in: path name: tunnel-profile-id required: true type: string - in: body name: IPSecVpnTunnelProfile required: true schema: $ref: '#/definitions/IPSecVpnTunnelProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch a custom IPSec tunnel Profile tags: - Policy - Networking - Network Services - VPN - IPSEC - IPSEC Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn put: consumes: - application/json description: |- Create or fully replace custom IPSec tunnel profile. IPSec tunnel profile is a reusable profile that captures phase two negotiation parameters and tunnel properties. System will be provisioned with system owned editable default IPSec tunnel profile. Any change in profile affects all sessions consuming this profile. Revision is optional for creation and required for update. operationId: CreateOrUpdateIPSecVpnTunnelProfile parameters: - in: path name: tunnel-profile-id required: true type: string - in: body name: IPSecVpnTunnelProfile required: true schema: $ref: '#/definitions/IPSecVpnTunnelProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnTunnelProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace a custom IPSec tunnel Profile tags: - Policy - Networking - Network Services - VPN - IPSEC - IPSEC Profiles x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/ipv6-dad-profiles: get: consumes: - application/json description: | Paginated list of all IPv6 DAD profile instances operationId: ListIpv6DadProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6DadProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all IPv6 DAD profiles tags: - Policy - Networking - Networking Profiles - IPV6 DAD Profiles x-vmw-nsx-module: PolicyConnectivity /infra/ipv6-dad-profiles/{dad-profile-id}: delete: consumes: - application/json description: |- Delete IPv6 DAD profile operationId: DeleteIpv6DadProfile parameters: - in: path name: dad-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPv6 DAD profile tags: - Policy - Networking - Networking Profiles - IPV6 DAD Profiles x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read IPv6 DAD profile operationId: ReadIpv6DadProfile parameters: - in: path name: dad-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6DadProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read IPv6 DAD profile tags: - Policy - Networking - Networking Profiles - IPV6 DAD Profiles x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If profile with the dad-profile-id is not already present, create a new IPv6 DAD profile instance. If it already exists, update the IPv6 DAD profile instance with specified attributes. operationId: PatchIpv6DadProfile parameters: - in: path name: dad-profile-id required: true type: string - in: body name: Ipv6DadProfile required: true schema: $ref: '#/definitions/Ipv6DadProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update IPv6 DAD profile tags: - Policy - Networking - Networking Profiles - IPV6 DAD Profiles x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If profile with the dad-profile-id is not already present, create a new IPv6 DAD profile instance. If it already exists, replace the IPv6 DAD profile instance with this object. operationId: CreateOrReplaceIpv6DadProfile parameters: - in: path name: dad-profile-id required: true type: string - in: body name: Ipv6DadProfile required: true schema: $ref: '#/definitions/Ipv6DadProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6DadProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update IPv6 DAD profile tags: - Policy - Networking - Networking Profiles - IPV6 DAD Profiles x-vmw-nsx-module: PolicyConnectivity /infra/ipv6-ndra-profiles: get: consumes: - application/json description: | Paginated list of all IPv6 NDRA profile instances operationId: ListIpv6NdraProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6NdraProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all IPv6 NDRA profiles tags: - Policy - Networking - Networking Profiles - IPV6 NDRA Profiles x-vmw-nsx-module: PolicyConnectivity /infra/ipv6-ndra-profiles/{ndra-profile-id}: delete: consumes: - application/json description: |- Delete IPv6 NDRA profile operationId: DeleteIpv6NdraProfile parameters: - in: path name: ndra-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPv6 NDRA profile tags: - Policy - Networking - Networking Profiles - IPV6 NDRA Profiles x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read IPv6 NDRA profile operationId: ReadIpv6NdraProfile parameters: - in: path name: ndra-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6NdraProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read IPv6 NDRA profile tags: - Policy - Networking - Networking Profiles - IPV6 NDRA Profiles x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If profile with the ndra-profile-id is not already present, create a new IPv6 NDRA profile instance. If it already exists, update the IPv6 NDRA profile instance with specified attributes. operationId: PatchIpv6NdraProfile parameters: - in: path name: ndra-profile-id required: true type: string - in: body name: Ipv6NdraProfile required: true schema: $ref: '#/definitions/Ipv6NdraProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update IPv6 NDRA profile tags: - Policy - Networking - Networking Profiles - IPV6 NDRA Profiles x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If profile with the ndra-profile-id is not already present, create a new IPv6 NDRA profile instance. If it already exists, replace the IPv6 NDRA profile instance with this object. operationId: CreateOrReplaceIpv6NdraProfile parameters: - in: path name: ndra-profile-id required: true type: string - in: body name: Ipv6NdraProfile required: true schema: $ref: '#/definitions/Ipv6NdraProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Ipv6NdraProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update IPv6 NDRA profile tags: - Policy - Networking - Networking Profiles - IPV6 NDRA Profiles x-vmw-nsx-module: PolicyConnectivity /infra/l7-access-profiles: get: consumes: - application/json description: |- API will list all l7 access Profiles operationId: ListL7AccessProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include the count of entries in L7 Profile in: query name: include_entry_count required: false type: boolean - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L7AccessProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List l7 access Profiles tags: - Policy - Inventory - Profiles - L7 Access Profiles x-vmw-nsx-module: L7AccessProfile /infra/l7-access-profiles/attributes: get: consumes: - application/json description: | Returns supported attribute and sub-attributes for specified attribute key with their supported values, if provided in query/request parameter, else will fetch all supported attributes and sub-attributes for all supported attribute keys. operationId: ListL7AccessProfileProfileSupportedAttributes parameters: - description: Fetch attributes and sub-attributes for the given attribute key in: query name: attribute_key required: false type: string - default: SYSTEM description: Source of the attribute, System Defined or custom enum: - ALL - CUSTOM - SYSTEM in: query name: attribute_source required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyContextProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Policy L7 access profile supported attributes and sub-attributes tags: - Policy - Inventory - Profiles - Context Profiles x-vmw-nsx-module: L7AccessProfile /infra/l7-access-profiles/{l7-access-profile-id}: delete: consumes: - application/json description: |- API will delete L7 Access Profile operationId: DeleteL7AccessProfile parameters: - in: path name: l7-access-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L7 Access Profile tags: - Policy - Inventory - Profiles - L7 Access Profiles x-vmw-nsx-module: L7AccessProfile get: consumes: - application/json description: |- API will get L7 Access Profile operationId: GetL7AccessProfile parameters: - in: path name: l7-access-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L7AccessProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L7 Access Profile tags: - Policy - Inventory - Profiles - L7 Access Profiles x-vmw-nsx-module: L7AccessProfile patch: consumes: - application/json description: |- API will create/update L7 Access Profile operationId: PatchL7AccessProfile parameters: - description: |- L7 Access Profile ID in: path name: l7-access-profile-id required: true type: string - in: body name: L7AccessProfile required: true schema: $ref: '#/definitions/L7AccessProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L7AccessProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update L7 Access Profile tags: - Policy - Inventory - Profiles - L7 Access Profiles x-vmw-nsx-module: L7AccessProfile put: consumes: - application/json description: |- API will update L7 Access Profile operationId: CreateOrUpdateL7AccessProfile parameters: - in: path name: l7-access-profile-id required: true type: string - in: body name: L7AccessProfile required: true schema: $ref: '#/definitions/L7AccessProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L7AccessProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update L7 Access Profile tags: - Policy - Inventory - Profiles - L7 Access Profiles x-vmw-nsx-module: L7AccessProfile /infra/l7-access-profiles/{l7-access-profile-id}/entries: get: consumes: - application/json description: |- API will list all l7 access profiles entries operationId: ListL7AccessEntries parameters: - in: path name: l7-access-profile-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L7AccessEntryListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List l7 access profile entries tags: - Policy - Inventory - Profiles - L7 Access Profiles x-vmw-nsx-module: L7AccessProfile /infra/l7-access-profiles/{l7-access-profile-id}/entries/{l7-access-entry-id}: delete: consumes: - application/json description: |- API will delete L7 Access Profile entry operationId: DeleteL7AccessEntry parameters: - in: path name: l7-access-profile-id required: true type: string - in: path name: l7-access-entry-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L7 Access Profile entry tags: - Policy - Inventory - Profiles - L7 Access Profiles x-vmw-nsx-module: L7AccessProfile get: consumes: - application/json description: |- Read Friewall L7 Access Profile entry operationId: ReadL7AccessEntry parameters: - in: path name: l7-access-profile-id required: true type: string - in: path name: l7-access-entry-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L7AccessEntry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read L7 Access Profile entry tags: - Policy - Inventory - Profiles - L7 Access Profiles x-vmw-nsx-module: L7AccessProfile patch: consumes: - application/json description: |- API will create/update L7 Access Profile entry operationId: PatchL7AccessEntry parameters: - in: path name: l7-access-profile-id required: true type: string - in: path name: l7-access-entry-id required: true type: string - in: body name: L7AccessEntry required: true schema: $ref: '#/definitions/L7AccessEntry' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L7AccessEntry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update L7 Access Profile entry tags: - Policy - Inventory - Profiles - L7 Access Profiles x-vmw-nsx-module: L7AccessProfile put: consumes: - application/json description: |- API will create L7 Access Profile entry operationId: CreateOrUpdateL7AccessEntry parameters: - in: path name: l7-access-profile-id required: true type: string - in: path name: l7-access-entry-id required: true type: string - in: body name: L7AccessEntry required: true schema: $ref: '#/definitions/L7AccessEntry' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L7AccessEntry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create L7 Access Profile entry tags: - Policy - Inventory - Profiles - L7 Access Profiles x-vmw-nsx-module: L7AccessProfile /infra/labels: get: consumes: - application/json description: | Paginated list of all labels for infra. operationId: ListPolicyLabelForInfra parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyLabelListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List labels for infra tags: - Policy - Infra - Labels x-vmw-nsx-module: PolicyLabel /infra/labels/{label-id}: delete: consumes: - application/json description: |- Delete PolicyLabel object operationId: DeletePolicyLabelForInfra parameters: - in: path name: label-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete PolicyLabel object tags: - Policy - Infra - Labels x-vmw-nsx-module: PolicyLabel get: consumes: - application/json description: | Read a label. operationId: ReadPolicyLabelForInfra parameters: - in: path name: label-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyLabel' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read lable tags: - Policy - Infra - Labels x-vmw-nsx-module: PolicyLabel patch: consumes: - application/json description: | Create label if not exists, otherwise take the partial updates. Note, once the label is created type attribute can not be changed. operationId: UpdatePolicyLabelForInfra parameters: - in: path name: label-id required: true type: string - in: body name: PolicyLabel required: true schema: $ref: '#/definitions/PolicyLabel' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch an existing label object tags: - Policy - Infra - Labels x-vmw-nsx-module: PolicyLabel put: consumes: - application/json description: | Create label if not exists, otherwise replaces the existing label. If label already exists then type attribute cannot be changed. operationId: CreateOrReplacePolicyLabelForInfra parameters: - in: path name: label-id required: true type: string - in: body name: PolicyLabel required: true schema: $ref: '#/definitions/PolicyLabel' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyLabel' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace label tags: - Policy - Infra - Labels x-vmw-nsx-module: PolicyLabel /infra/latency-profiles: get: consumes: - application/json description: |- List latency profiles operationId: ListPolicyLatencyProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyLatencyStatProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List latency profiles tags: - Policy - Monitoring - Latency x-vmw-nsx-module: PolicyLatency /infra/latency-profiles/{profile-id}: delete: consumes: - application/json description: |- Delete an existing latency profile operationId: DeletePolicyLatencyStatProfile parameters: - description: |- Latency profile id in: path name: profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete an existing latency profile tags: - Policy - Monitoring - Latency x-vmw-nsx-module: PolicyLatency get: consumes: - application/json description: | Read latency profile. operationId: ReadPolicyLatencyStatProfile parameters: - description: |- Latency profile id in: path name: profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyLatencyStatProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read latency profile tags: - Policy - Monitoring - Latency x-vmw-nsx-module: PolicyLatency patch: consumes: - application/json description: | Patch latency profile. operationId: PatchPolicyLatencyStatProfile parameters: - description: |- Latency profile id in: path name: profile-id required: true type: string - in: body name: PolicyLatencyStatProfile required: true schema: $ref: '#/definitions/PolicyLatencyStatProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyLatencyStatProfile' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch latency profile tags: - Policy - Monitoring - Latency x-vmw-nsx-module: PolicyLatency put: consumes: - application/json description: | Create or Replace latency profile. operationId: CreateOrReplacePolicyLatencyStatProfile parameters: - description: |- Latency profile id in: path name: profile-id required: true type: string - in: body name: PolicyLatencyStatProfile required: true schema: $ref: '#/definitions/PolicyLatencyStatProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyLatencyStatProfile' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace latency profile tags: - Policy - Monitoring - Latency x-vmw-nsx-module: PolicyLatency /infra/lb-app-profiles: get: consumes: - application/json description: | Paginated list of all LBAppProfiles. operationId: ListLBAppProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBAppProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List LBAppProfiles tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Application Profiles x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-app-profiles/{lb-app-profile-id}: delete: consumes: - application/json description: | Delete the LBAppProfile along with all the entities contained by this LBAppProfile. operationId: DeleteLBAppProfile parameters: - description: |- LBAppProfile ID in: path name: lb-app-profile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete LBAppProfile and all the entities contained by this LBAppProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Application Profiles x-vmw-nsx-module: PolicyLoadBalancer get: consumes: - application/json description: | Read a LBAppProfile. operationId: ReadLBAppProfile parameters: - description: |- LBAppProfile ID in: path name: lb-app-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBAppProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read LBAppProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Application Profiles x-vmw-nsx-module: PolicyLoadBalancer patch: consumes: - application/json description: | If a LBAppProfile with the lb-app-profile-id is not already present, create a new LBAppProfile. If it already exists, update the LBAppProfile. This is a full replace. operationId: PatchLBAppProfile parameters: - description: |- LBAppProfile ID in: path name: lb-app-profile-id required: true type: string - in: body name: LBAppProfile required: true schema: $ref: '#/definitions/LBAppProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBAppProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Application Profiles x-vmw-nsx-module: PolicyLoadBalancer put: consumes: - application/json description: | If a LBAppProfile with the lb-app-profile-id is not already present, create a new LBAppProfile. If it already exists, update the LBAppProfile. This is a full replace. operationId: UpdateLBAppProfile parameters: - description: |- LBAppProfile ID in: path name: lb-app-profile-id required: true type: string - in: body name: LBAppProfile required: true schema: $ref: '#/definitions/LBAppProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBAppProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBAppProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Application Profiles x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-client-ssl-profiles: get: consumes: - application/json description: | Paginated list of all LBClientSslProfiles. operationId: ListLBClientSslProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBClientSslProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List LBClientSslProfiles tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer Client SSL Profiles x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-client-ssl-profiles/{lb-client-ssl-profile-id}: delete: consumes: - application/json description: | Delete the LBClientSslProfile along with all the entities contained by this LBClientSslProfile. operationId: DeleteLBClientSslProfile parameters: - description: |- LBClientSslProfile ID in: path name: lb-client-ssl-profile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Delete LBClientSslProfile and all the entities contained by this LBClientSslProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer Client SSL Profiles x-vmw-nsx-module: PolicyLoadBalancer get: consumes: - application/json description: | Read a LBClientSslProfile. operationId: ReadLBClientSslProfile parameters: - description: |- LBClientSslProfile ID in: path name: lb-client-ssl-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBClientSslProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read LBClientSslProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer Client SSL Profiles x-vmw-nsx-module: PolicyLoadBalancer patch: consumes: - application/json description: | If a LBClientSslProfile with the lb-client-ssl-profile-id is not already present, create a new LBClientSslProfile. If it already exists, update the LBClientSslProfile. This is a full replace. operationId: PatchLBClientSslProfile parameters: - description: |- LBClientSslProfile ID in: path name: lb-client-ssl-profile-id required: true type: string - in: body name: LBClientSslProfile required: true schema: $ref: '#/definitions/LBClientSslProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBClientSslProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer Client SSL Profiles x-vmw-nsx-module: PolicyLoadBalancer put: consumes: - application/json description: | If a LBClientSslProfile with the lb-client-ssl-profile-id is not already present, create a new LBClientSslProfile. If it already exists, update the LBClientSslProfile. This is a full replace. operationId: UpdateLBClientSslProfile parameters: - description: |- LBClientSslProfile ID in: path name: lb-client-ssl-profile-id required: true type: string - in: body name: LBClientSslProfile required: true schema: $ref: '#/definitions/LBClientSslProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBClientSslProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBClientSslProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer Client SSL Profiles x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-monitor-profiles: get: consumes: - application/json description: | Paginated list of all LBMonitorProfiles for infra. operationId: ListLBMonitorProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBMonitorProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List LBMonitorProfiles for infra tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Monitor Profiles x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-monitor-profiles/{lb-monitor-profile-id}: delete: consumes: - application/json description: | Delete the LBMonitorProfile along with all the entities contained by this LBMonitorProfile. operationId: DeleteLBMonitorProfile parameters: - description: |- LBMonitorProfile ID in: path name: lb-monitor-profile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete LBMonitorProfile and all the entities contained by this LBMonitorProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Monitor Profiles x-vmw-nsx-module: PolicyLoadBalancer get: consumes: - application/json description: | Read a LBMonitorProfile. operationId: ReadLBMonitorProfile parameters: - description: |- LBMonitorProfile ID in: path name: lb-monitor-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBMonitorProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read LBMonitorProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Monitor Profiles x-vmw-nsx-module: PolicyLoadBalancer patch: consumes: - application/json description: | If a LBMonitorProfile with the lb-monitor-profile-id is not already present, create a new LBMonitorProfile. If it already exists, update the LBMonitorProfile. This is a full replace. operationId: PatchLBMonitorProfile parameters: - description: |- LBMonitorProfile ID in: path name: lb-monitor-profile-id required: true type: string - in: body name: LBMonitorProfile required: true schema: $ref: '#/definitions/LBMonitorProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBMonitorProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Monitor Profiles x-vmw-nsx-module: PolicyLoadBalancer put: consumes: - application/json description: | If a LBMonitorProfile with the lb-monitor-profile-id is not already present, create a new LBMonitorProfile. If it already exists, update the LBMonitorProfile. This is a full replace. operationId: UpdateLBMonitorProfile parameters: - description: |- LBMonitorProfile ID in: path name: lb-monitor-profile-id required: true type: string - in: body name: LBMonitorProfile required: true schema: $ref: '#/definitions/LBMonitorProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBMonitorProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBMonitorProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Monitor Profiles x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-node-usage: get: consumes: - application/json description: | API is used to retrieve node usage for load balancer which contains basic information, LB entity usages and capacities for the given node. Currently only edge node is supported. The parameter ?node_path=<node-path> is required. For example, ?node_path= /infra/sites/default/enforcement-points/default/edge-clusters/ 85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes/ 86e077c0-449f-11e9-87c8-02004eb37029. operationId: GetLBNodeUsage parameters: - description: The node path for load balancer node usage in: query name: node_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBNodeUsage' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read load balancer usage for the given node tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Usage - Usage x-vmw-nsx-module: PolicyLBStatistics /infra/lb-node-usage-summary: get: consumes: - application/json description: | The API is used to retrieve the load balancer node usage summary of all nodes for every enforcement point. - If the parameter ?include_usages=true exists, the property node_usages are included in response. By default, the property node_usages is not included in response. - If parameter ?enforcement_point_path=<enforcement-point-path> exists, only node usage summary from specific enforcement point is included in response. If no enforcement point path is specified, information will be aggregated from each enforcement point. operationId: GetLBNodeUsageSummary parameters: - description: enforcement point path in: query name: enforcement_point_path required: false type: string - description: Whether to include usages in: query name: include_usages required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateLBNodeUsageSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read load balancer node usage summary tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Usage - Usage x-vmw-nsx-module: PolicyLBStatistics /infra/lb-persistence-profiles: get: consumes: - application/json description: | Paginated list of all LBPersistenceProfiles for infra. operationId: ListLBPersistenceProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBPersistenceProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List LBPersistenceProfiles for infra tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Persistence Profiles x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-persistence-profiles/{lb-persistence-profile-id}: delete: consumes: - application/json description: | Delete the LBPersistenceProfile along with all the entities contained by this LBPersistenceProfile. operationId: DeleteLBPersistenceProfile parameters: - description: |- LBPersistenceProfile ID in: path name: lb-persistence-profile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete LBPersistenceProfile and all the entities contained by this LBPersistenceProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Persistence Profiles x-vmw-nsx-module: PolicyLoadBalancer get: consumes: - application/json description: | Read a LBPersistenceProfile. operationId: ReadLBPersistenceProfile parameters: - description: |- LBPersistenceProfile ID in: path name: lb-persistence-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBPersistenceProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read LBPersistenceProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Persistence Profiles x-vmw-nsx-module: PolicyLoadBalancer patch: consumes: - application/json description: | If a LBPersistenceProfile with the lb-persistence-profile-id is not already present, create a new LBPersistenceProfile. If it already exists, update the LBPersistenceProfile. This is a full replace. operationId: PatchLBPersistenceProfile parameters: - description: |- LBPersistenceProfile ID in: path name: lb-persistence-profile-id required: true type: string - in: body name: LBPersistenceProfile required: true schema: $ref: '#/definitions/LBPersistenceProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBPersistenceProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Persistence Profiles x-vmw-nsx-module: PolicyLoadBalancer put: consumes: - application/json description: | If a LBPersistenceProfile with the lb-persistence-profile-id is not already present, create a new LBPersistenceProfile. If it already exists, update the LBPersistenceProfile. This is a full replace. operationId: UpdateLBPersistenceProfile parameters: - description: |- LBPersistenceProfile ID in: path name: lb-persistence-profile-id required: true type: string - in: body name: LBPersistenceProfile required: true schema: $ref: '#/definitions/LBPersistenceProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBPersistenceProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBPersistenceProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer Persistence Profiles x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-pools: get: consumes: - application/json description: | Paginated list of all LBPools. operationId: ListLBPools parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBPoolListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List LBPools tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Pools x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-pools/{lb-pool-id}: delete: consumes: - application/json description: | Delete the LBPool along with all the entities contained by this LBPool. operationId: DeleteLBPool parameters: - description: |- LBPool ID in: path name: lb-pool-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete LBPool and all the entities contained by this LBPool tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Pools x-vmw-nsx-module: PolicyLoadBalancer get: consumes: - application/json description: | Read a LBPool. operationId: ReadLBPool parameters: - description: |- LBPool ID in: path name: lb-pool-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBPool' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read LBPool tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Pools x-vmw-nsx-module: PolicyLoadBalancer patch: consumes: - application/json description: | If a LBPool with the lb-pool-id is not already present, create a new LBPool. If it already exists, update the LBPool. This is a full replace. operationId: PatchLBPool parameters: - description: |- LBPool ID in: path name: lb-pool-id required: true type: string - in: body name: LBPool required: true schema: $ref: '#/definitions/LBPool' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBPool tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Pools x-vmw-nsx-module: PolicyLoadBalancer put: consumes: - application/json description: | If a LBPool with the lb-pool-id is not already present, create a new LBPool. If it already exists, update the LBPool. This is a full replace. operationId: UpdateLBPool parameters: - description: |- LBPool ID in: path name: lb-pool-id required: true type: string - in: body name: LBPool required: true schema: $ref: '#/definitions/LBPool' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBPool' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBPool tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Pools x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-server-ssl-profiles: get: consumes: - application/json description: | Paginated list of all LBServerSslProfiles. operationId: ListLBServerSslProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBServerSslProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List LBServerSslProfiles tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer Server SSL Profiles x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-server-ssl-profiles/{lb-server-ssl-profile-id}: delete: consumes: - application/json description: | Delete the LBServerSslProfile along with all the entities contained by this LBServerSslProfile. operationId: DeleteLBServerSslProfile parameters: - description: |- LBServerSslProfile ID in: path name: lb-server-ssl-profile-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Delete LBServerSslProfile and all the entities contained by this LBServerSslProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer Server SSL Profiles x-vmw-nsx-module: PolicyLoadBalancer get: consumes: - application/json description: | Read a LBServerSslProfile. operationId: ReadLBServerSslProfile parameters: - description: |- LBServerSslProfile ID in: path name: lb-server-ssl-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBServerSslProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read LBServerSslProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer Server SSL Profiles x-vmw-nsx-module: PolicyLoadBalancer patch: consumes: - application/json description: | If a LBServerSslProfile with the lb-server-ssl-profile-id is not already present, create a new LBServerSslProfile. If it already exists, update the LBServerSslProfile. This is a full replace. operationId: PatchLBServerSslProfile parameters: - description: |- LBServerSslProfile ID in: path name: lb-server-ssl-profile-id required: true type: string - in: body name: LBServerSslProfile required: true schema: $ref: '#/definitions/LBServerSslProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBServerSslProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer Server SSL Profiles x-vmw-nsx-module: PolicyLoadBalancer put: consumes: - application/json description: | If a LBServerSslProfile with the lb-server-ssl-profile-id is not already present, create a new LBServerSslProfile. If it already exists, update the LBServerSslProfile. This is a full replace. operationId: UpdateLBServerSslProfile parameters: - description: |- LBServerSslProfile ID in: path name: lb-server-ssl-profile-id required: true type: string - in: body name: LBServerSslProfile required: true schema: $ref: '#/definitions/LBServerSslProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBServerSslProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBServerSslProfile tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer Server SSL Profiles x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-service-usage-summary: get: consumes: - application/json description: | API is used to retrieve the load balancer usage summary for all load balancer services. If the parameter ?include_usages=true exists, the property service-usages is included in the response. By default, service-usages is not included in the response. operationId: GetLBServiceUsageSummary parameters: - description: Whether to include usages in: query name: include_usages required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBServiceUsageSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read load balancer service usage summary tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Usage - Usage x-vmw-nsx-module: PolicyLBStatistics /infra/lb-services: get: consumes: - application/json description: | Paginated list of all LBService. operationId: ListLBServices parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List LBService tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Services x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-services/{lb-service-id}: delete: consumes: - application/json description: | Delete the LBService along with all the entities contained by this LBService. operationId: DeleteLBService parameters: - description: |- LBService ID in: path name: lb-service-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete LBService and all the entities contained by this LBService tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Services x-vmw-nsx-module: PolicyLoadBalancer get: consumes: - application/json description: | Read an LBService. operationId: ReadLBService parameters: - description: |- LBService ID in: path name: lb-service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read LBService tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Services x-vmw-nsx-module: PolicyLoadBalancer patch: consumes: - application/json description: | If a LBService with the lb-service-id is not already present, create a new LBService. If it already exists, update the LBService. This is a full replace. operationId: PatchLBService parameters: - description: |- LBService ID in: path name: lb-service-id required: true type: string - in: body name: LBService required: true schema: $ref: '#/definitions/LBService' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBVirtualServer tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Services x-vmw-nsx-module: PolicyLoadBalancer put: consumes: - application/json description: | If a LBService with the lb-service-id is not already present, create a new LBService. If it already exists, update the LBService. This is a full replace. operationId: UpdateLBService parameters: - description: |- LBService ID in: path name: lb-service-id required: true type: string - in: body name: LBService required: true schema: $ref: '#/definitions/LBService' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBService tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Services x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-services/{lb-service-id}/detailed-status: get: consumes: - application/json description: | Get LBService detailed status information. - no enforcement point path specified: Information will be aggregated from each enforcement point. - {enforcement_point_path}: Information will be retrieved only from the given enforcement point. operationId: GetLBServiceStatus parameters: - description: |- LBService id in: path name: lb-service-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Flag to indicate whether include detail information in: query name: include_instance_details required: false type: boolean - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: The UUIDs of transport nodes in: query name: transport_node_ids required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateLBServiceStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get LBService status information tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Usage - Status x-vmw-nsx-module: PolicyLBStatistics /infra/lb-services/{lb-service-id}/lb-pools/{lb-pool-id}/detailed-status: get: consumes: - application/json description: | Get LBPool detailed status information. - no enforcement point path specified: Information will be aggregated from each enforcement point. - {enforcement_point_path}: Information will be retrieved only from the given enforcement point. operationId: GetLBPoolStatus parameters: - description: |- LBService id in: path name: lb-service-id required: true type: string - description: |- LBPool id in: path name: lb-pool-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateLBPoolStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get LBPool status information tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Usage - Status x-vmw-nsx-module: PolicyLBStatistics /infra/lb-services/{lb-service-id}/lb-pools/{lb-pool-id}/statistics: get: consumes: - application/json description: | Get LBPoolStatistics information. - no enforcement point path specified: Information will be aggregated from each enforcement point. - {enforcement_point_path}: Information will be retrieved only from the given enforcement point. operationId: GetLBPoolStatistics parameters: - description: |- LBService id in: path name: lb-service-id required: true type: string - description: |- LBPool id in: path name: lb-pool-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateLBPoolStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get LBPool statistics information tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Usage - Statistics x-vmw-nsx-module: PolicyLBStatistics /infra/lb-services/{lb-service-id}/lb-virtual-servers/{lb-virtual-server-id}/detailed-status: get: consumes: - application/json description: | Get LBVirtualServer detailed status information. - no enforcement point path specified: Information will be aggregated from each enforcement point. - {enforcement_point_path}: Information will be retrieved only from the given enforcement point. operationId: GetLBVirtualServerStatus parameters: - description: |- LBService id in: path name: lb-service-id required: true type: string - description: |- LBVirtualServer id in: path name: lb-virtual-server-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateLBVirtualServerStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get LBVirtualServer status information tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Usage - Status x-vmw-nsx-module: PolicyLBStatistics /infra/lb-services/{lb-service-id}/lb-virtual-servers/{lb-virtual-server-id}/statistics: get: consumes: - application/json description: | Get LBVirtualServerStatistics information. - no enforcement point path specified: Information will be aggregated from each enforcement point. - {enforcement_point_path}: Information will be retrieved only from the given enforcement point. operationId: GetLBVirtualServerStatistics parameters: - description: |- LBService id in: path name: lb-service-id required: true type: string - description: |- LBVirtualServer id in: path name: lb-virtual-server-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateLBVirtualServerStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get LBVirtualServer statistics information tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Usage - Statistics x-vmw-nsx-module: PolicyLBStatistics /infra/lb-services/{lb-service-id}/service-usage: get: consumes: - application/json description: | Get LBServiceUsage information. - no enforcement point path specified: Information will be aggregated from each enforcement point. - {enforcement_point_path}: Information will be retrieved only from the given enforcement point. operationId: GetLBServiceUsage parameters: - description: |- LBService id in: path name: lb-service-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateLBServiceUsage' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get LBService usage information tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Usage - Usage x-vmw-nsx-module: PolicyLBStatistics /infra/lb-services/{lb-service-id}/statistics: get: consumes: - application/json description: | Get LBServiceStatistics information. - no enforcement point path specified: Information will be aggregated from each enforcement point. - {enforcement_point_path}: Information will be retrieved only from the given enforcement point. operationId: GetLBServiceStatistics parameters: - description: |- LBService id in: path name: lb-service-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateLBServiceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get LBService statistics information tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Usage - Statistics x-vmw-nsx-module: PolicyLBStatistics /infra/lb-ssl-ciphers-and-protocols: get: consumes: - application/json description: | Retrieve a list of supported SSL ciphers and protocols. operationId: ListSslCiphersAndProtocols parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LbSslCipherAndProtocolListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Retrieve a list of supported SSL ciphers and protocols tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Profiles - Load Balancer SSL Profiles - Load Balancer SSL Ciphers And Protocols x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-virtual-servers: get: consumes: - application/json description: | Paginated list of all LBVirtualServers. operationId: ListLBVirtualServers parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBVirtualServerListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List LBVirtualServers tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Virtual Servers x-vmw-nsx-module: PolicyLoadBalancer /infra/lb-virtual-servers/{lb-virtual-server-id}: delete: consumes: - application/json description: | Delete the LBVirtualServer along with all the entities contained by this LBVirtualServer. operationId: DeleteLBVirtualServer parameters: - description: |- LBVirtualServer ID in: path name: lb-virtual-server-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete LBVirtualServer and all the entities contained by this LBVirtualServer tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Virtual Servers x-vmw-nsx-module: PolicyLoadBalancer get: consumes: - application/json description: | Read a LBVirtualServer. operationId: ReadLBVirtualServer parameters: - description: |- LBVirtualServer ID in: path name: lb-virtual-server-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBVirtualServer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read LBVirtualServer tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Virtual Servers x-vmw-nsx-module: PolicyLoadBalancer patch: consumes: - application/json description: | If a LBVirtualServer with the lb-virtual-server-id is not already present, create a new LBVirtualServer. If it already exists, update the LBVirtualServer. This is a full replace. operationId: PatchLBVirtualServer parameters: - description: |- LBVirtualServer ID in: path name: lb-virtual-server-id required: true type: string - in: body name: LBVirtualServer required: true schema: $ref: '#/definitions/LBVirtualServer' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBVirtualServer tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Virtual Servers x-vmw-nsx-module: PolicyLoadBalancer put: consumes: - application/json description: | If a LBVirtualServer with the lb-virtual-server-id is not already present, create a new LBVirtualServer. If it already exists, update the LBVirtualServer. This is a full replace. operationId: UpdateLBVirtualServer parameters: - description: |- LBVirtualServer ID in: path name: lb-virtual-server-id required: true type: string - in: body name: LBVirtualServer required: true schema: $ref: '#/definitions/LBVirtualServer' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LBVirtualServer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a LBVirtualServer tags: - Policy - Networking - Network Services - Load Balancing - Load Balancer Virtual Servers x-vmw-nsx-module: PolicyLoadBalancer /infra/livetraces: get: consumes: - application/json description: | Get a paginated list of all livetrace config entities. operationId: ListLiveTraceConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LiveTraceConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List livetrace config entities tags: - Policy - Monitoring - Livetrace x-vmw-nsx-module: PolicyConnectivity /infra/livetraces/statuses: get: consumes: - application/json description: |- Get a list of all livetrace status entities. operationId: ListLiveTraceStatus parameters: - description: Enforcement point path in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LiveTraceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List livetrace status entities tags: - Policy - Monitoring - Livetrace x-vmw-nsx-module: PolicyConnectivity /infra/livetraces/{livetrace-id}: delete: consumes: - application/json description: | Delete livetrace config with the specified identifier. operationId: DeleteLiveTraceConfig parameters: - in: path name: livetrace-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a livetrace config tags: - Policy - Monitoring - Livetrace x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Read livetrace config with the specified identifier. operationId: ReadLiveTraceConfig parameters: - in: path name: livetrace-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LiveTraceConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a livetrace config tags: - Policy - Monitoring - Livetrace x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a livetrace config with the specified identifier is not present, then create a new livetrace config. If it already exists, update the livetrace config with a full replacement. operationId: PatchLiveTraceConfig parameters: - in: path name: livetrace-id required: true type: string - in: body name: LiveTraceConfig required: true schema: $ref: '#/definitions/LiveTraceConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a livetrace config tags: - Policy - Monitoring - Livetrace x-vmw-nsx-module: PolicyConnectivity post: consumes: - application/json description: | Restart a livetrace session with the same set of parameters used in creating or updating of a livetrace config. operationId: RestartLivetrace parameters: - in: path name: livetrace-id required: true type: string - description: Action to be performed in: query name: action type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LiveTraceConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Restart a livetrace session tags: - Policy - Monitoring - Livetrace x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a livetrace config with the specified identifier is not present, then create a new livetrace config. If it already exists, update the livetrace config with a full replacement. operationId: UpdateLiveTraceConfig parameters: - in: path name: livetrace-id required: true type: string - in: body name: LiveTraceConfig required: true schema: $ref: '#/definitions/LiveTraceConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LiveTraceConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a livetrace config tags: - Policy - Monitoring - Livetrace x-vmw-nsx-module: PolicyConnectivity /infra/livetraces/{livetrace-id}/result: get: consumes: - application/json description: | Read result for a livetrace config with the specified identifier. operationId: ReadLiveTraceResult parameters: - in: path name: livetrace-id required: true type: string - description: Enforcement point path in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LiveTraceResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read livetrace result tags: - Policy - Monitoring - Livetrace x-vmw-nsx-module: PolicyConnectivity /infra/livetraces/{livetrace-id}/status: get: consumes: - application/json description: | Read status for a livetrace config with the specified identifier. operationId: ReadLiveTraceStatus parameters: - in: path name: livetrace-id required: true type: string - description: Enforcement point path in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LiveTraceStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read livetrace status tags: - Policy - Monitoring - Livetrace x-vmw-nsx-module: PolicyConnectivity /infra/mac-discovery-profiles: get: consumes: - application/json description: | API will list all Mac Discovery Profiles active in current discovery profile id. operationId: GetMacDiscoveryProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MacDiscoveryProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Mac Discovery Profiles tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - MAC Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery /infra/mac-discovery-profiles/{mac-discovery-profile-id}: delete: consumes: - application/json description: | API will delete Mac Discovery profile. operationId: DeleteMacDiscoveryProfile parameters: - description: |- Mac Discovery Profile ID in: path name: mac-discovery-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Mac Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - MAC Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery get: consumes: - application/json description: | API will get Mac Discovery profile. operationId: GetMacDiscoveryProfile parameters: - description: |- Mac Discovery Profile ID in: path name: mac-discovery-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MacDiscoveryProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Mac Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - MAC Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery patch: consumes: - application/json description: | API will create Mac Discovery profile. operationId: CreateMacDiscoveryProfile parameters: - description: |- Mac Discovery Profile ID in: path name: mac-discovery-profile-id required: true type: string - in: body name: MacDiscoveryProfile required: true schema: $ref: '#/definitions/MacDiscoveryProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Mac Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - MAC Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery put: consumes: - application/json description: | API will update Mac Discovery profile. operationId: UpdateMacDiscoveryProfile parameters: - description: |- Mac Discovery Profile ID in: path name: mac-discovery-profile-id required: true type: string - in: body name: MacDiscoveryProfile required: true schema: $ref: '#/definitions/MacDiscoveryProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MacDiscoveryProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Mac Discovery Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - MAC Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery /infra/manager-ip-pools: get: consumes: - application/json description: | Paginated list of Manager Ip Pools. operationId: ListManagerIpPools parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressPoolListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Manager Ip Pools tags: - Policy - Networking - IP Management - Manager IP Pools x-vmw-nsx-module: PolicyIpam /infra/manager-ip-pools/{manager-ip-pool-id}: get: consumes: - application/json description: | Read Manager Ip Pool with given Id. operationId: ReadManagerIpPool parameters: - in: path name: manager-ip-pool-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IpAddressPool' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a Manager Ip Pool tags: - Policy - Networking - IP Management - Manager IP Pools x-vmw-nsx-module: PolicyIpam /infra/metadata-proxies: get: consumes: - application/json description: |- List all L2 Metadata Proxy Configurations operationId: ListMetadataProxyConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MetadataProxyConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Metadata Proxy Configurations tags: - Policy - Networking - Network Services - Metadata Proxy x-vmw-nsx-module: PolicyMetadataProxy /infra/metadata-proxies/{metadata-proxy-id}: delete: consumes: - application/json description: |- API will delete Metadata Proxy Config with ID profile-id operationId: DeleteMetadataProxyConfig parameters: - description: |- Metadata Proxy ID in: path name: metadata-proxy-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Metadata Proxy Config tags: - Policy - Networking - Network Services - Metadata Proxy x-vmw-nsx-module: PolicyMetadataProxy get: consumes: - application/json description: |- API will read Metadata Proxy Config with ID profile-id operationId: ReadMetadataProxyConfig parameters: - description: |- Metadata Proxy ID in: path name: metadata-proxy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MetadataProxyConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Metadata Proxy Config tags: - Policy - Networking - Network Services - Metadata Proxy x-vmw-nsx-module: PolicyMetadataProxy patch: consumes: - application/json description: | API will create or update Metadata Proxy Config with ID profile-id. Maximum 10 Metadata Proxy Configurations are supported. operationId: PatchMetadataProxyConfig parameters: - description: |- Metadata Proxy ID in: path name: metadata-proxy-id required: true type: string - in: body name: MetadataProxyConfig required: true schema: $ref: '#/definitions/MetadataProxyConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Metadata Proxy Config tags: - Policy - Networking - Network Services - Metadata Proxy x-vmw-nsx-module: PolicyMetadataProxy put: consumes: - application/json description: |- API will create or update Metadata Proxy Config with ID profile-id operationId: UpdateMetadataProxyConfig parameters: - description: |- Metadata Proxy ID in: path name: metadata-proxy-id required: true type: string - in: body name: MetadataProxyConfig required: true schema: $ref: '#/definitions/MetadataProxyConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MetadataProxyConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Metadata Proxy Config tags: - Policy - Networking - Network Services - Metadata Proxy x-vmw-nsx-module: PolicyMetadataProxy /infra/metadata-proxies/{metadata-proxy-id}/statistics: get: consumes: - application/json description: |- Get metadata proxy status operationId: ReadMetadataProxyStatistics parameters: - in: path name: metadata-proxy-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: String Path of the segment which is associated with this metadata proxy in: query name: segment_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyMetadataProxyStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get metadata proxy status tags: - Policy - Networking - Network Services - Metadata Proxy - Status x-vmw-nsx-module: PolicyMetadataProxy /infra/metadata-proxies/{metadata-proxy-id}/status: get: consumes: - application/json description: |- Get metadata proxy status operationId: ReadMetadataProxyStatus parameters: - in: path name: metadata-proxy-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: String Path of the segment which is associated with this metadata proxy in: query name: segment_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyMetadataProxyStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get metadata proxy status tags: - Policy - Networking - Network Services - Metadata Proxy - Status x-vmw-nsx-module: PolicyMetadataProxy /infra/napp/common-agent/host-config: get: consumes: - application/json description: | Get the current NSX Application Platform Common Agent host configuration. Recommend to keep the value same for flow_data_collection_interval and context_data_collection_interval. operationId: GetCommonAgentHostConfiguration produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommonAgentHostConfigurationInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NSX Application Platform Common Agent host configuration tags: - NSX Application Platform - Platform - Host Agent x-vmw-nsx-module: PolicyCloudNativeCommonAgent patch: consumes: - application/json description: | Patch the current NSX Application Platform Common Agent host configuration. Return error if NSX Application Platform Common Agent is not registered with NSX. "private_ip_range" is the only field allowed to patch. operationId: PatchCommonAgentHostConfiguration parameters: - in: body name: CommonAgentHostConfigurationInfo required: true schema: $ref: '#/definitions/CommonAgentHostConfigurationInfo' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommonAgentHostConfigurationInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch NSX Application Platform Common Agent host configuration tags: - NSX Application Platform - Platform - Host Agent x-vmw-nsx-module: PolicyCloudNativeCommonAgent /infra/napp/common-agent/host-config?action=reset: post: consumes: - application/json description: | Reset NSX Application Platform Common Agent host configuration to the default setting. Clear NSX Application Platform Common Agent host configuration if NSX Application Platform Common Agent is not registered with NSX. Return the NSX Application Platform Common Agent host configuration after reset operation. operationId: ResetCommonAgentHostConfiguration produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommonAgentHostConfigurationInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset NSX Application Platform Common Agent host configuration tags: - NSX Application Platform - Platform - Host Agent x-vmw-nsx-module: PolicyCloudNativeCommonAgent /infra/nvds-urt/precheck: get: consumes: - application/json description: |- Retrieve latest precheck ID of the N-VDS to VDS migration operationId: PolicyGetNvdsUpgradePrecheckId produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/NvdsUpgradePrecheckId' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Retrieve latest precheck ID of the N-VDS to VDS migration tags: - System Administration - Lifecycle Management - Migration - NVDS x-vmw-nsx-module: PolicyNvdsUpgradeReadinessCheck put: consumes: - application/json description: |- Start precheck for N-VDS to VDS migration operationId: PolicyCreateNvdsUpgradePrecheck produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/NvdsUpgradePrecheckId' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Start precheck for N-VDS to VDS migration tags: - System Administration - Lifecycle Management - Migration - NVDS x-vmw-nsx-module: PolicyNvdsUpgradeReadinessCheck /infra/nvds-urt/precheck-by-clusters: put: consumes: - application/json description: |- Start precheck for N-VDS to VDS migration by clusters operationId: PolicyCreateNvdsUpgradePrecheckByClusters parameters: - in: body name: PrecheckParameters required: true schema: $ref: '#/definitions/PrecheckParameters' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/NvdsUpgradePrecheckId' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Start precheck for N-VDS to VDS migration by clusters tags: - System Administration - Lifecycle Management - Migration - NVDS x-vmw-nsx-module: PolicyNvdsUpgradeReadinessCheck /infra/nvds-urt/status-summary/{precheck-id}: get: consumes: - application/json description: |- Get summary of N-VDS to VDS migration operationId: PolicyGetNvdsUpgradeReadinessCheckSummary parameters: - in: path name: precheck-id required: true type: string - description: cluster identifier in: query name: cluster_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/NvdsUpgradeStatusSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get summary of N-VDS to VDS migration tags: - System Administration - Lifecycle Management - Migration - NVDS x-vmw-nsx-module: PolicyNvdsUpgradeReadinessCheck /infra/nvds-urt/topology/{precheck-id}: get: consumes: - application/json description: |- Recommmended topology operationId: PolicyGetRecommendedVdsTopology parameters: - in: path name: precheck-id required: true type: string - description: cluster identifier in: query name: cluster_id required: false type: string - description: vCenter identifier in: query name: compute_manager_id required: false type: string - description: Flag to indicate if VdsTopology should contain VDS configuration in: query name: show_vds_config required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/UpgradeTopology' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Recommmended topology tags: - System Administration - Lifecycle Management - Migration - NVDS x-vmw-nsx-module: PolicyNvdsUpgradeReadinessCheck /infra/nvds-urt/topology?action=apply: put: consumes: - application/json description: |- Set VDS configuration and create it in vCenter operationId: PolicySetTargetVdsTopology parameters: - in: body name: UpgradeTopology required: true schema: $ref: '#/definitions/UpgradeTopology' - description: cluster identifier in: query name: cluster_id required: false type: string - description: Flag to indicate if use recommended topology got from the latest precheck in: query name: use_recommended_topology_config required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/UpgradeTopology' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Set VDS configuration and create it in vCenter tags: - System Administration - Lifecycle Management - Migration - NVDS x-vmw-nsx-module: PolicyNvdsUpgradeReadinessCheck /infra/nvds-urt?action=cleanup: put: consumes: - application/json description: |- Clean up all nvds upgrade related configurations operationId: PolicyNvdsUpgradeCleanup responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Clean up all nvds upgrade related configurations tags: - System Administration - Lifecycle Management - Migration - NVDS x-vmw-nsx-module: PolicyNvdsUpgradeReadinessCheck /infra/nvds-urt?action=ignore_migrate_status: put: consumes: - application/json description: |- Set the migrate status key of ExtraConfigProfile of all Transport Nodes to IGNORE operationId: PolicyIgnoreMigrateStatus responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Set the migrate status key of ExtraConfigProfile of all Transport Nodes to IGNORE tags: - System Administration - Lifecycle Management - Migration - NVDS x-vmw-nsx-module: PolicyNvdsUpgradeReadinessCheck /infra/ops-global-config: get: consumes: - application/json description: | Read global Operations Configuration operationId: readOpsGlobalConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OpsGlobalConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read global Operations Configuration tags: - Policy - Networking - Networking Profiles - Global Gateway Configuration x-vmw-nsx-module: Policy patch: consumes: - application/json description: |- Update the global Operationconfiguration operationId: patchOpsGlobalConfig parameters: - in: body name: OpsGlobalConfig required: true schema: $ref: '#/definitions/OpsGlobalConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the global Operationconfiguration tags: - Policy - Networking - Networking Profiles - Global Gateway Configuration x-vmw-nsx-module: Policy put: consumes: - application/json description: |- Update the global Operations Configuration operationId: putOpsGlobalConfig parameters: - in: body name: OpsGlobalConfig required: true schema: $ref: '#/definitions/OpsGlobalConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OpsGlobalConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the global Operations Configuration tags: - Policy - Networking - Networking Profiles - Global Gateway Configuration x-vmw-nsx-module: Policy /infra/partner-services: get: consumes: - application/json description: |- Read all the partner services available for service insertion operationId: ReadPartnerServices parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInsertionServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read partner services tags: - Policy - Security - Service Insertion - Partner Services x-vmw-nsx-module: PolicyServiceInsertion /infra/partner-services/{service-name}: get: consumes: - application/json description: |- Read the specific partner service identified by provided name. operationId: ReadPartnerService parameters: - description: |- Name of the service in: path name: service-name required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceDefinition' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read partner service identified by provided name tags: - Policy - Security - Service Insertion - Partner Services x-vmw-nsx-module: PolicyServiceInsertion /infra/pim-profiles: get: consumes: - application/json description: | List all pim profile. operationId: ListPolicyPimProfile parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyPimProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Pim Profile tags: - Policy - Networking - Networking Profiles - Multicast Profiles x-vmw-nsx-module: PolicyMulticast /infra/pim-profiles/{pim-profile-id}: delete: consumes: - application/json description: |- Delete Pim Profile. operationId: DeletePolicyPimProfile parameters: - description: |- pim profile id in: path name: pim-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Pim Profile tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyMulticast get: consumes: - application/json description: | Read Pim Profile. operationId: ReadPolicyPimProfile parameters: - description: |- pim profile id in: path name: pim-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyPimProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Pim Profile tags: - Policy - Networking - Networking Profiles - Multicast Profiles x-vmw-nsx-module: PolicyMulticast patch: consumes: - application/json description: | Create a pim profile with the pim-profile-id is not already present, otherwise update the pim profile. operationId: PatchPolicyPimProfile parameters: - description: |- pim profile id in: path name: pim-profile-id required: true type: string - in: body name: PolicyPimProfile required: true schema: $ref: '#/definitions/PolicyPimProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update pim profile tags: - Policy - Networking - Networking Profiles - Multicast Profiles x-vmw-nsx-module: PolicyMulticast put: consumes: - application/json description: | Create or update pim profile. operationId: CreateOrUpdatePolicyPimProfile parameters: - description: |- pim profile id in: path name: pim-profile-id required: true type: string - in: body name: PolicyPimProfile required: true schema: $ref: '#/definitions/PolicyPimProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyPimProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update pim profile tags: - Policy - Networking - Networking Profiles - Multicast Profiles x-vmw-nsx-module: PolicyMulticast /infra/pod-group-associations: get: consumes: - application/json description: | Get policy groups for which the given pod is a member. operationId: GetGroupsForContainerApplicationInstance parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: ContainerApplicationInstance in: query name: pod_id required: true type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get groups for which the given pod is a member tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/port-mirroring-profiles: get: consumes: - application/json description: | API will list all port mirroring profiles group. operationId: ListPortMirroringProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMirroringProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port Mirroring Profiles tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyPortMirroring /infra/port-mirroring-profiles/{port-mirroring-profile-id}: delete: consumes: - application/json description: | API will delete port mirroring profile. Mirroring from source to destination ports will be stopped. operationId: DeletePortMirroringProfile parameters: - description: |- Port Mirroring Profile Id in: path name: port-mirroring-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port Mirroring Profile tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyPortMirroring get: consumes: - application/json description: | API will return details of port mirroring profile. operationId: ReadPortMirroringProfile parameters: - description: |- Port Mirroring Profile Id in: path name: port-mirroring-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMirroringProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Details of Port Mirroring Profile tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyPortMirroring patch: consumes: - application/json description: | Create a new Port Mirroring Profile if the Port Mirroring Profile with given id does not already exist. If the Port Mirroring Profile with the given id already exists, patch with the existing Port Mirroring Profile. Realized entities of this API can be found using the path of monitoring profile binding map that is used to apply this profile. operationId: PatchPortMirroringProfile parameters: - description: |- Port Mirroring Profile Id in: path name: port-mirroring-profile-id required: true type: string - in: body name: PortMirroringProfile required: true schema: $ref: '#/definitions/PortMirroringProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch Port Mirroring Profile. tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyPortMirroring put: consumes: - application/json description: | Create or Replace port mirroring profile. Packets will be mirrored from source group, segment, port to destination group. Realized entities of this API can be found using the path of monitoring profile binding map that is used to apply this profile. operationId: CreateOrReplacePortMirroringProfile parameters: - description: |- Port Mirroring Profiles Id in: path name: port-mirroring-profile-id required: true type: string - in: body name: PortMirroringProfile required: true schema: $ref: '#/definitions/PortMirroringProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMirroringProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace Port Mirroring Profile. tags: - Policy - Monitoring - Port Mirroring x-vmw-nsx-module: PolicyPortMirroring /infra/qos-profiles: get: consumes: - application/json description: | API will list all QoS profiles. operationId: ListQoSProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/QoSProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List QoS Profiles tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profiles x-vmw-nsx-module: PolicyQoS /infra/qos-profiles/{qos-profile-id}: delete: consumes: - application/json description: | API will delete QoS profile. operationId: DeleteQoSProfile parameters: - description: |- QoS profile Id in: path name: qos-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete QoS profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profiles x-vmw-nsx-module: PolicyQoS get: consumes: - application/json description: | API will return details of QoS profile. operationId: ReadQoSProfile parameters: - description: |- QoS profile Id in: path name: qos-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/QoSProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Details of QoS profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profiles x-vmw-nsx-module: PolicyQoS patch: consumes: - application/json description: | Create a new QoS profile if the QoS profile with given id does not already exist. If the QoS profile with the given id already exists, patch with the existing QoS profile. operationId: PatchQoSProfile parameters: - description: |- QoS profile Id in: path name: qos-profile-id required: true type: string - in: body name: QoSProfile required: true schema: $ref: '#/definitions/QoSProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch QoS profile. tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profiles x-vmw-nsx-module: PolicyQoS put: consumes: - application/json description: | Create or Replace QoS profile. operationId: CreateOrReplaceQoSProfile parameters: - description: |- QoS profile Id in: path name: qos-profile-id required: true type: string - in: body name: QoSProfile required: true schema: $ref: '#/definitions/QoSProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/QoSProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace QoS profile. tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profiles x-vmw-nsx-module: PolicyQoS /infra/reactions: get: consumes: - application/json description: | Get paginated list of all Reactions under Infra. operationId: ListInfraReactions parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ReactionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Reaction list result tags: - Policy - Infra - Reactions x-vmw-nsx-module: PolicyReaction /infra/reactions/{reaction-id}: delete: consumes: - application/json description: | Delete a Reaction under Infra. operationId: DeleteInfraReaction parameters: - in: path name: reaction-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Reaction tags: - Policy - Infra - Reactions x-vmw-nsx-module: PolicyReaction get: consumes: - application/json description: | Get Reaction under Infra. operationId: GetInfraReaction parameters: - in: path name: reaction-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Reaction' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Reaction tags: - Policy - Infra - Reactions x-vmw-nsx-module: PolicyReaction patch: consumes: - application/json description: | Create or patch a Reaction under Infra. operationId: CreateOrPatchInfraReaction parameters: - in: path name: reaction-id required: true type: string - in: body name: Reaction required: true schema: $ref: '#/definitions/Reaction' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch a Reaction tags: - Policy - Infra - Reactions x-vmw-nsx-module: PolicyReaction put: consumes: - application/json description: | Create or fully replace a Reaction under Infra. Revision is optional for creation and required for update. operationId: CreateOrUpdateInfraReaction parameters: - in: path name: reaction-id required: true type: string - in: body name: Reaction required: true schema: $ref: '#/definitions/Reaction' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Reaction' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace a Reaction tags: - Policy - Infra - Reactions x-vmw-nsx-module: PolicyReaction /infra/realized-state/alarms: get: consumes: - application/json description: | Paginated list of all alarms. operationId: ListAlarms parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyAlarmResourceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List All alarms in the system tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points: get: consumes: - application/json description: | Paginated list of all enforcement points. Returns the populated enforcement points. operationId: ListEnforcementPointRealizedStates parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedEnforcementPointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Enforcement Points tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}: get: consumes: - application/json description: | Read a Enforcement Point and the complete tree underneath. Returns the populated enforcement point object. operationId: ReadEnforcementPointRealizedState parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedEnforcementPoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Enforcement Point tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/firewalls/firewall-sections: get: consumes: - application/json description: | Paginated list of all Firewalls. Returns populated Firewalls. operationId: ListFirewallSectionRealizedStates parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedFirewallSectionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall Sections tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/firewalls/firewall-sections/{firewall-section-id}: get: consumes: - application/json description: | Read a Firewall and the complete tree underneath. Returns the populated Firewall object. operationId: ReadFirewallSectionRealizedState parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: |- Firewall Section Id in: path name: firewall-section-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedFirewallSection' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Firewall tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/groups/nsgroups: get: consumes: - application/json description: | Paginated list of all NSGroups. Returns populated NSGroups. operationId: ListNSGroupRealizedStates parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResourceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List NS Groups tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/groups/nsgroups/{nsgroup-name}: get: consumes: - application/json description: | Read a NSGroup and the complete tree underneath. Returns the populated NSgroup object. operationId: ReadNSGroupRealizedState parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: |- Group Name in: path name: nsgroup-name required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResource' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Group tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/groups/securitygroups: get: consumes: - application/json description: | Paginated list of all Security Groups. Returns populated Security Groups. operationId: ListSecurityGroupRealizedStates parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedSecurityGroupListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Security Groups tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/groups/securitygroups/{securitygroup-name}: get: consumes: - application/json description: | Read a Security Group and the complete tree underneath. Returns the populated Security Group object. operationId: ReadSecurityGroupRealizedState parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: |- Group Name in: path name: securitygroup-name required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedSecurityGroup' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Group tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/ip-sets/ip-sets-nsxt: get: consumes: - application/json description: | Paginated list of all Realized IPSets operationId: ListIPSetRealizedStates parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResourceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IPSets tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/ip-sets/ip-sets-nsxt/{ip-set-name}: get: consumes: - application/json description: | Read an IPSet operationId: ReadIPSetRealizedState parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: |- IPSet name in: path name: ip-set-name required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResource' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read IPSet Realized state tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/mac-sets/mac-sets-nsxt: get: consumes: - application/json description: | Paginated list of all Realized MACSets operationId: ListMACSetRealizedStates parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResourceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List MACSets tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/mac-sets/mac-sets-nsxt/{mac-set-name}: get: consumes: - application/json description: | Read an MACSet operationId: ReadMACSetRealizedState parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: |- MACSet name in: path name: mac-set-name required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResource' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read MACSet Realized state tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/services/nsservices: get: consumes: - application/json description: | Paginated list of all Realized NSService. operationId: ListNSServiceRealizedStates parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResourceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Realized NSServices tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/services/nsservices/{nsservice-name}: get: consumes: - application/json description: | Read a NSService. operationId: ReadNSServiceRealizedState parameters: - description: |- Enforcement Point Name in: path name: enforcement-point-name required: true type: string - description: |- NSService Name in: path name: nsservice-name required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResource' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read NSService tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/vifs: get: consumes: - application/json description: | This API lists VIFs from the specified NSX Manager. operationId: ListVifsOnEnforcementPoint parameters: - in: path name: enforcement-point-name required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: LPort attachment ID of the VIF. in: query name: lport_attachment_id required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualNetworkInterfaceListResult' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Listing of VIFs on the NSX Manager tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/virtual-machines: get: consumes: - application/json description: | This API filters objects of type virtual machines from the specified NSX Manager. This API has been deprecated. Please use the new API GET /infra/realized-state/virtual-machines operationId: ListVirtualMachinesOnEnforcementPoint parameters: - in: path name: enforcement-point-name required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Search DSL (domain specific language) query in: query name: dsl required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Search query in: query name: query required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SearchResponse' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Listing of Virtual machines on the NSX Manager tags: - Policy - Inventory - Virtual Machines x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/virtual-machines/{virtual-machine-id}/details: get: consumes: - application/json description: | This API return optional details about a virtual machines (e.g. user login session) from the specified enforcement point. In case of NSXT, virtual-machine-id would be the value of the external_id of the virtual machine. operationId: ReadVirtualMachineDetails parameters: - in: path name: enforcement-point-name required: true type: string - in: path name: virtual-machine-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualMachineDetails' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the details of a virtual machine on the NSX Manager tags: - Policy - Inventory - Virtual Machines x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/enforcement-points/{enforcement-point-name}/virtual-machines?action=update_tags: post: consumes: - application/json description: | Allows an admin to apply multiple tags to a virtual machine. This operation does not store the intent on the policy side. It applies the tag directly on the specified enforcement point. This operation will replace the existing tags on the virtual machine with the ones that have been passed. If the application of tag fails on the enforcement point, then an error is reported. The admin will have to retry the operation again. Policy framework does not perform a retry. Failure could occur due to multiple reasons. For e.g enforcement point is down, Enforcement point could not apply the tag due to constraints like max tags limit exceeded, etc. operationId: TagVirtualMachine parameters: - in: path name: enforcement-point-name required: true type: string - in: body name: VirtualMachineTagsUpdate required: true schema: $ref: '#/definitions/VirtualMachineTagsUpdate' responses: '204': description: No Content '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Apply tags on virtual machine tags: - Policy - Inventory - Virtual Machines x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/realized-entities: get: consumes: - application/json description: | Get list of realized entities associated with intent object, specified by path in query parameter operationId: ListRealizedEntities parameters: - description: String Path of the intent object in: query name: intent_path required: true type: string - description: Policy Path of the site in: query name: site_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResourceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get list of realized objects associated with intent object tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/realized-entity: get: consumes: - application/json description: | Get realized entity uniquely identified by realized path, specified by query parameter operationId: ReadRealizedEntity parameters: - description: String Path of the realized object in: query name: realized_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GenericPolicyRealizedResource' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get realized entity uniquely identified by realized path tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/realized-entity?action=refresh: post: consumes: - application/json description: | Refresh the status and statistics of all realized entities associated with given intent path synchronously. The vmw-async: True HTTP header cannot be used with this API. operationId: RefreshRealizedState parameters: - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: String Path of the intent object in: query name: intent_path required: true type: string responses: '204': description: No Content '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Refresh all realized entities associated with the intent-path tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/status: get: consumes: - application/json description: | Get Consolidated Status of an intent object (with or without enforcement specific status details). The request is evaluated as follows: - <intent_path>: the request is evaluated on all enforcement points for the given intent without enforcement point specific details. - <intent_path, include_enforced_status>: the request is evaluated on all enforcement points for the given intent with enforcement point specific details. operationId: ReadIntentStatus parameters: - default: false description: Include Enforced Status Flag in: query name: include_enforced_status type: boolean - description: Policy Path of the intent object in: query name: intent_path required: true type: string - description: Policy Path of the site from where the realization status needs to be fetched in: query name: site_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ConsolidatedRealizedStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get consolidated status of an intent object tags: - Policy - Infra - Realized State x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/system-excluded-virtual-machines: get: consumes: - application/json description: | Lists all the system virtual machines that are auto excluded in firewall exclude list (example -Partner and Edge VMs etc) operationId: ListSystemExcludedVMs parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Search query in: query name: query required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualMachineListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Lists all the system excluded virtual machines. tags: - Policy - Inventory - Virtual Machines x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/system-virtual-machines: get: consumes: - application/json description: | Lists all the system virtual machines (example -Partner and Edge VMs etc) operationId: ListSystemVMs parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Search query in: query name: query required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualMachineListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Lists all the system virtual machines. tags: - Policy - Inventory - Virtual Machines x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/unassociated-virtual-machines: get: consumes: - application/json description: | This API filters objects of type virtual machine which are not part of any group. This API also gives some VM details such as VM name, IDs and the current state of the VMs. operationId: ListAllUnAssociatedVirtualMachines parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualMachineListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all virtual machines which are not part of any group tags: - Policy - Inventory - Virtual Machines x-vmw-nsx-module: PolicyRealizedState /infra/realized-state/virtual-machines: get: consumes: - application/json description: | This API filters objects of type virtual machine. This API also gives some VM details such as VM name, IDs and the current state of the VMs. operationId: ListAllVirtualMachines parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualMachineListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all virtual machines tags: - Policy - Inventory - Virtual Machines x-vmw-nsx-module: PolicyRealizedState /infra/security-global-config: get: consumes: - application/json description: | This reads the security-global-config used for NSX Manager appliance certificates. These properties are not sent to the hosts. operationId: ReadSecurityGlobalConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InfraSecurityConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read security global configuration x-vmw-nsx-module: Policy put: consumes: - application/json description: | This updates the security-global-config used for NSX Manager appliance certificates. These properties are not sent to the hosts. operationId: UpdateSecurityGlobalConfig parameters: - in: body name: InfraSecurityConfig required: true schema: $ref: '#/definitions/InfraSecurityConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InfraSecurityConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the security global configuration x-vmw-nsx-module: Policy /infra/security/tls-inspection-config-profiles: get: consumes: - application/json description: |- API will list all TLS Config Profiles operationId: ListPolicyTlsConfigProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTlsConfigProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List TLS Config Profiles tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyTlsConfigProfile /infra/security/tls-inspection-config-profiles/{tls-inspection-config-profile}: delete: consumes: - application/json description: |- API will delete TLS Config Profile operationId: DeletePolicyTlsConfigProfile parameters: - description: |- TLS Config Profile ID in: path name: tls-inspection-config-profile required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete TLS Config Profile tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyTlsConfigProfile get: consumes: - application/json description: |- API will get TLS Config Profile operationId: GetPolicyTlsConfigProfile parameters: - description: |- TLS Config Profile ID in: path name: tls-inspection-config-profile required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTlsConfigProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get TLS Config Profile tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyTlsConfigProfile patch: consumes: - application/json description: |- API will create/update TLS Config Profile operationId: PatchPolicyTlsConfigProfile parameters: - description: |- TLS Config Profile ID in: path name: tls-inspection-config-profile required: true type: string - in: body name: PolicyTlsConfigProfile required: true schema: $ref: '#/definitions/PolicyTlsConfigProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update TLS Config Profile tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyTlsConfigProfile put: consumes: - application/json description: |- API will update TLS Config Profile operationId: UpdatePolicyTlsConfigProfile parameters: - description: |- TLS Config Profile ID in: path name: tls-inspection-config-profile required: true type: string - in: body name: PolicyTlsConfigProfile required: true schema: $ref: '#/definitions/PolicyTlsConfigProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTlsConfigProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update TLS Config Profile tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyTlsConfigProfile /infra/segment-security-profiles: get: consumes: - application/json description: | API will list all segment security profiles. operationId: ListSegmentSecurityProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List segment security profiles tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profiles x-vmw-nsx-module: PolicySegmentSecurity /infra/segment-security-profiles/{segment-security-profile-id}: delete: consumes: - application/json description: | API will delete segment security profile with the given id. operationId: DeleteSegmentSecurityProfile parameters: - description: |- Segment security profile id in: path name: segment-security-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- DELETE segment security profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profiles x-vmw-nsx-module: PolicySegmentSecurity get: consumes: - application/json description: | API will return details of the segment security profile with given id. If the profile does not exist, it will return 404. operationId: GetSegmentSecurityProfile parameters: - description: |- Segment security profile id in: path name: segment-security-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- GET Segment security profile id tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profiles x-vmw-nsx-module: PolicySegmentSecurity patch: consumes: - application/json description: | Create a new segment security profile if the segment security profile with given id does not exist. Otherwise, PATCH the existing segment security profile operationId: PatchSegmentSecurityProfile parameters: - description: |- Segment security profile id in: path name: segment-security-profile-id required: true type: string - in: body name: SegmentSecurityProfile required: true schema: $ref: '#/definitions/SegmentSecurityProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- PATCH segment security profile id tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profiles x-vmw-nsx-module: PolicySegmentSecurity put: consumes: - application/json description: | Create or replace a segment security profile operationId: CreateOrUpdateSegmentSecurityProfile parameters: - description: |- Segment security profile id in: path name: segment-security-profile-id required: true type: string - in: body name: SegmentSecurityProfile required: true schema: $ref: '#/definitions/SegmentSecurityProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- PUT segment security profile id tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profiles x-vmw-nsx-module: PolicySegmentSecurity /infra/segments: get: consumes: - application/json description: | Paginated list of all segments under infra. operationId: ListAllInfraSegments parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Segment type enum: - DVPortgroup - ALL in: query name: segment_type type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all segments under infra tags: - Policy - Networking - Connectivity - Segments - Segments x-vmw-nsx-module: PolicyConnectivity /infra/segments/service-segments: get: consumes: - application/json description: | Paginated list of all Service Segments operationId: ListServiceSegments parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceSegmentListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Service Segments tags: - Policy - Networking - Connectivity - Segments - Service Segments x-vmw-nsx-module: PolicyConnectivity /infra/segments/service-segments/{service-segment-id}: delete: consumes: - application/json description: |- Delete Service Segment with given ID operationId: DeleteServiceSegment parameters: - description: |- Service Segment ID in: path name: service-segment-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Service Segment tags: - Policy - Networking - Connectivity - Segments - Service Segments x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read a Service Segment with the given id operationId: ReadServiceSegment parameters: - description: |- Service Segment ID in: path name: service-segment-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceSegment' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Service Segment tags: - Policy - Networking - Connectivity - Segments - Service Segments x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | A service segment with the service-segment-id is created. Modification of service segment is not supported. operationId: PatchServiceSegment parameters: - description: |- Service Segment ID in: path name: service-segment-id required: true type: string - in: body name: ServiceSegment required: true schema: $ref: '#/definitions/ServiceSegment' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a service segment tags: - Policy - Networking - Connectivity - Segments - Service Segments x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | A service segment with the service-segment-id is created. Modification of service segment is not supported. operationId: CreateServiceSegment parameters: - description: |- Service Segment ID in: path name: service-segment-id required: true type: string - in: body name: ServiceSegment required: true schema: $ref: '#/definitions/ServiceSegment' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceSegment' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create service segment tags: - Policy - Networking - Connectivity - Segments - Service Segments x-vmw-nsx-module: PolicyConnectivity /infra/segments/state: get: consumes: - application/json description: | Returns all infra segments with configuration state on the enforcement point specified in the request operationId: GetInfraSegmentsByState parameters: - description: Configuration state of the segment on enforcement point enum: - pending - in_progress - success - failed - partial_success - orphaned - unknown in: query name: configuration_state required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentConfigurationStateListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segments by configuration state tags: - Policy - Networking - Connectivity - Segments - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{infra-segment-id}/ports/{infra-port-id}/port-discovery-profile-binding-maps: get: consumes: - application/json description: | API will list all Infra Port Discovery Profile Binding Maps in current port id. operationId: ListInfraPortDiscoveryBindings parameters: - in: path name: infra-segment-id required: true type: string - in: path name: infra-port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Infra Port Discovery Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding ? /infra/segments/{infra-segment-id}/ports/{infra-port-id}/port-discovery-profile-binding-maps/{port-discovery-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Infra Port Discovery Profile Binding Profile operationId: DeleteInfraPortDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Infra Port Discovery Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding get: consumes: - application/json description: | API will get Infra Port Discovery Profile Binding Map operationId: GetInfraPortDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Infra Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding patch: consumes: - application/json description: |- API will create Infra Port Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: PatchInfraPortDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Port ID in: path name: infra-port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string - in: body name: PortDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Infra Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding put: consumes: - application/json description: |- API will update Infra Port Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: UpdateInfraPortDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string - in: body name: PortDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Infra Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /infra/segments/{infra-segment-id}/ports/{infra-port-id}/port-monitoring-profile-binding-maps: get: consumes: - application/json description: | API will list all Infra Port Monitoring Profile Binding Maps in current port id. operationId: ListInfraPortMonitoringBindings parameters: - in: path name: infra-segment-id required: true type: string - in: path name: infra-port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Infra Port Monitoring Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /infra/segments/{infra-segment-id}/ports/{infra-port-id}/port-monitoring-profile-binding-maps/{port-monitoring-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Infra Port Monitoring Profile Binding Profile. operationId: DeleteInfraPortMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Infra Port Monitoring Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding get: consumes: - application/json description: | API will get Infra Port Monitoring Profile Binding Map. operationId: GetInfraPortMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Infra Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding patch: consumes: - application/json description: |- API will create Infra Port Monitoring Profile Binding Map. operationId: PatchInfraPortMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string - in: body name: PortMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Infra Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding put: consumes: - application/json description: |- API will update Infra Port Monitoring Profile Binding Map. operationId: UpdateInfraPortMonitoringBinding parameters: - description: |- InfraSegment ID in: path name: infra-segment-id required: true type: string - description: |- Infra Port ID in: path name: infra-port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string - in: body name: PortMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Infra Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /infra/segments/{infra-segment-id}/ports/{infra-port-id}/port-monitoring-profile-binding-maps/{port-monitoring-profile-binding-map-id}/mirror-stack-status : get: consumes: - application/json description: | API will get Infra Port Monitoring Profile Binding Map mirror stack status. operationId: GetInfraPortMonitoringBindingMirrorStackStatus parameters: - in: path name: infra-segment-id required: true type: string - in: path name: infra-port-id required: true type: string - in: path name: port-monitoring-profile-binding-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Binding map path enforcemnt point path to remote L3 mirror session in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MirrorStackStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get mirror stack status for Infra Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /infra/segments/{infra-segment-id}/segment-discovery-profile-binding-maps: get: consumes: - application/json description: | API will list all Infra Segment Discovery Profile Binding Maps in current segment id. operationId: ListInfraSegmentDiscoveryBindings parameters: - in: path name: infra-segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Infra Segment Discovery Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /infra/segments/{infra-segment-id}/segment-discovery-profile-binding-maps/{segment-discovery-profile-binding-map-id}: delete: consumes: - application/json description: |- API will delete Segment Discovery Profile Binding Profile operationId: DeleteInfraSegmentDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Segment Discovery Profile Binding Map ID in: path name: segment-discovery-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Segment Discovery Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding get: consumes: - application/json description: | API will get Infra Segment Discovery Profile Binding Map operationId: GetInfraSegmentDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Segment Discovery Profile Binding Map ID in: path name: segment-discovery-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Infra Segment Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding patch: consumes: - application/json description: |- API will create Infra Segment Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: PatchInfraSegmentDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Segment Discovery Profile Binding Map ID in: path name: segment-discovery-profile-binding-map-id required: true type: string - in: body name: SegmentDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Infra Segment Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding put: consumes: - application/json description: |- API will update Infra Segment Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: UpdateInfraSegmentDiscoveryBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Segment Discovery Profile Binding Map ID in: path name: segment-discovery-profile-binding-map-id required: true type: string - in: body name: SegmentDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Infra Segment Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /infra/segments/{infra-segment-id}/segment-monitoring-profile-binding-maps: get: consumes: - application/json description: | API will list all Infra Segment Monitoring Profile Binding Maps in current segment id. operationId: ListInfraSegmentMonitoringBindings parameters: - in: path name: infra-segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Infra Segment Monitoring Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /infra/segments/{infra-segment-id}/segment-monitoring-profile-binding-maps/{segment-monitoring-profile-binding-map-id}: delete: consumes: - application/json description: |- API will delete Infra Segment Monitoring Profile Binding Profile. operationId: DeleteInfraSegmentMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Segment Monitoring Profile Binding Map ID in: path name: segment-monitoring-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Infra Segment Monitoring Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding get: consumes: - application/json description: | API will get Infra Segment Monitoring Profile Binding Map. operationId: GetInfraSegmentMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Segment Monitoring Profile Binding Map ID in: path name: segment-monitoring-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Infra Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding patch: consumes: - application/json description: |- API will create infra segment monitoring profile binding map. operationId: PatchInfraSegmentMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Segment Monitoring Profile Binding Map ID in: path name: segment-monitoring-profile-binding-map-id required: true type: string - in: body name: SegmentMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Infra Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding put: consumes: - application/json description: |- API will update Infra Segment Monitoring Profile Binding Map. operationId: UpdateInfraSegmentMonitoringBinding parameters: - description: |- Infra Segment ID in: path name: infra-segment-id required: true type: string - description: |- Segment Monitoring Profile Binding Map ID in: path name: segment-monitoring-profile-binding-map-id required: true type: string - in: body name: SegmentMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Infra Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /infra/segments/{infra-segment-id}/segment-monitoring-profile-binding-maps/{segment-monitoring-profile-binding-map-id}/mirror-stack-status : get: consumes: - application/json description: | API will get Infra Segment Monitoring Profile Binding Map mirror stack status. operationId: GetInfraSegmentMonitoringBindingMirrorStackStatus parameters: - in: path name: infra-segment-id required: true type: string - in: path name: segment-monitoring-profile-binding-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Binding map path enforcemnt point path to remote L3 mirror session in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MirrorStackStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Infra Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /infra/segments/{segment-id}: delete: consumes: - application/json description: |- Delete infra segment operationId: DeleteInfraSegment parameters: - description: |- Segment ID in: path name: segment-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete infra segment tags: - Policy - Networking - Connectivity - Segments - Segments x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Read infra segment Note: Extended Segment: Please note that old vpn path deprecated. If user specify old l2vpn path in the "l2_extension" object in the PATCH API payload, the path returned in the GET response payload may include the new path instead of the deprecated l2vpn path. Both old and new l2vpn path refer to same resource. there is no functional impact. Also note that l2vpn path included in the error messages returned from validation may include the new VPN path instead of the deprecated l2vpn path. Both new path and old vpn path refer to same resource. operationId: ReadInfraSegment parameters: - description: |- Segment ID in: path name: segment-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Segment' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read infra segment tags: - Policy - Networking - Connectivity - Segments - Segments x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If segment with the segment-id is not already present, create a new segment. If it already exists, update the segment with specified attributes. operationId: PatchInfraSegment parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - in: body name: Segment required: true schema: $ref: '#/definitions/Segment' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a segment tags: - Policy - Networking - Connectivity - Segments - Segments x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If segment with the segment-id is not already present, create a new segment. If it already exists, replace the segment with this object. Note: Extended Segment: Please note that old vpn path deprecated. If user specify old l2vpn path in the "l2_extension" object in the PATCH API payload, the path returned in the GET response payload may include the new path instead of the deprecated l2vpn path. Both old and new l2vpn path refer to same resource. there is no functional impact. Also note that l2vpn path included in the Alarm, GPRR, error messages returned from validation may include the new VPN path instead of the deprecated l2vpn path. Both new path and old vpn path refer to same resource. operationId: CreateOrReplaceInfraSegment parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - in: body name: Segment required: true schema: $ref: '#/definitions/Segment' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Segment' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a infra segment tags: - Policy - Networking - Connectivity - Segments - Segments x-vmw-nsx-module: PolicyConnectivity /infra/segments/{segment-id}/arp-proxy: get: consumes: - application/json description: | Returns ARP proxy table for downlink port on connected to the segment operationId: GetDownlinkPortArpProxiesForInfraSegment parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get downlink port Address Resolution Protocol Proxies for infra segment tags: - Policy - Networking - Connectivity - Segments x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/arp-proxy?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for downlink port on connected to the segment in CSV format operationId: GetDownlinkPortArpProxiesForInfraSegmentInCsv parameters: - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get downlink port Address Resolution Protocol Proxies for infra segment in CSV format tags: - Policy - Networking - Connectivity - Segments x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/arp-table: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) for the interface (downlink) attaching segment to tier-0/tier-1 gateway, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GetInfraSegmentInterfaceArpTable parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from segment interface (downlink) tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the interface (downlink) attaching segment to tier-0/tier-1 gateway, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GetInfraSegmentInterfaceArpTableCsv parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from segment interface (downlink) in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/bep-statistics: get: consumes: - application/json description: | Get detailed information on infra segment bridge end point statistics using segment ID and profile path. operationId: InfraSegmentBridgeEndpointStatistics parameters: - in: path name: segment-id required: true type: string - description: Bridge profile path in: query name: bridge_profile_path required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BridgeEndpointStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment bridge end point statistics using segment ID and profile path. tags: - Policy - Networking - Connectivity - Segments - Bridge Endpoints - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/bep-status: get: consumes: - application/json description: | Get detailed information on Tier-1 segment bridge end point status using segment ID and profile path. operationId: InfraSegmentBridgeEndpointStatus parameters: - in: path name: segment-id required: true type: string - description: Bridge profile path in: query name: bridge_profile_path required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BridgeEndpointStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment bridge end point status using segment ID and profile path. tags: - Policy - Networking - Connectivity - Segments - Bridge Endpoints - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/dhcp-static-binding-configs: get: consumes: - application/json description: | Paginated list of all DHCP static binding instances operationId: ListInfraSegmentDhcpStaticBinding parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all DHCP static bindings tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings x-vmw-nsx-module: PolicyConnectivity /infra/segments/{segment-id}/dhcp-static-binding-configs/{binding-id}: delete: consumes: - application/json description: |- Delete DHCP static binding operationId: DeleteInfraSegmentDhcpStaticBinding parameters: - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DHCP static binding tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read DHCP static binding operationId: ReadInfraSegmentDhcpStaticBinding parameters: - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP static binding tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If binding with the binding-id is not already present, create a new DHCP static binding instance. If it already exists, replace the existing DHCP static binding instance with specified attributes. operationId: PatchInfraSegmentDhcpStaticBinding parameters: - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string - in: body name: DhcpStaticBindingConfig required: true schema: $ref: '#/definitions/DhcpStaticBindingConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DHCP static binding tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If binding with the binding-id is not already present, create a new DHCP static binding instance. If it already exists, replace the existing DHCP static binding instance with this object. operationId: CreateOrReplaceInfraSegmentDhcpStaticBinding parameters: - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string - in: body name: DhcpStaticBindingConfig required: true schema: $ref: '#/definitions/DhcpStaticBindingConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DHCP static binding tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings x-vmw-nsx-module: PolicyConnectivity /infra/segments/{segment-id}/dhcp-static-bindings/{binding-id}/state: get: consumes: - application/json description: |- Read DHCP static binding state operationId: ReadInfraSegmentDhcpStaticBindingState parameters: - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP static binding state tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/gateway-interface-arp-table: get: consumes: - application/json description: | This API is deprecated because it is duplicate. Please use /infra/segments/<segment-id>/arp-table Segment ID is the ID of the segment that is connected to the the tier-0 operationId: GetDownlinkPortArpTableForInfraSegment parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table for downlink router port on tier-0 router tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/gateway-interface-arp-table?format=csv: get: consumes: - application/json description: | This API is deprecated because it is duplicate. Please use /infra/segments/<segment-id>/arp-table?format=csv Segment ID is the ID of the segment that is connected to the the tier-0 operationId: GetDownlinkPortArpTableForInfraSegmentInCsv parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table for downlink router port on tier-0 router in CSV tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/gateway-interface-dad-state: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-0 operationId: GetDownlinkPortDadStateForInfraSegment parameters: - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceDADState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DAD state for downlink router port on tier-0 router tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - DAD State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/gateway-interface-statistics: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-0 operationId: GetDownlinkPortStatisticsForInfraSegment parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get statistics for downlink router port on tier-0 router tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/gateway-interface-statistics/summary: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-0 operationId: GetDownlinkPortStatisticsSummaryForInfraSegment parameters: - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get statistics for downlink router port on tier-0 router tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/mac-table: get: consumes: - application/json description: | Returns MAC table for a segment operationId: GetInfraSegmentMacTable parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMacAddressListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment MAC table tags: - Policy - Networking - Connectivity - Segments - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/mac-table?format=csv: get: consumes: - application/json description: | Returns MAC table for a segment operationId: GetInfraSegmentMacTableInCsv parameters: - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/MacAddressCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment MAC table in CSV tags: - Policy - Networking - Connectivity - Segments - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/ports: get: consumes: - application/json description: | List all the ports for an infra. operationId: ListInfraSegmentPorts parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List infra segment ports tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity /infra/segments/{segment-id}/ports/{port-id}: delete: consumes: - application/json description: | Delete an infra segment port by giving ID. operationId: DeleteInfraSegmentPort parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete an infra segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Get detail information on an infra segment port by giving ID. operationId: GetInfraSegmentPort parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPort' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port by ID tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | Create an infra segment port if it does not exist based on the IDs, or update existing port information by replacing the port object fields which presents in the request body. operationId: PatchInfraSegmentPort parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - in: body name: SegmentPort required: true schema: $ref: '#/definitions/SegmentPort' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch an infra segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | Create an infra segment port if it does not exist based on the IDs, or update existing port information by replacing the port object already exists. operationId: CreateOrReplaceInfraSegmentPort parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - in: body name: SegmentPort required: true schema: $ref: '#/definitions/SegmentPort' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPort' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update an infra segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity /infra/segments/{segment-id}/ports/{port-id}/mac-table: get: consumes: - application/json description: | Returns MAC table for a segment port operationId: GetInfraSegmentPortMacTable parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortMacAddressListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get MAC table for infra segment port tags: - Policy - Networking - Connectivity - Segments - Ports - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/ports/{port-id}/mac-table?format=csv: get: consumes: - application/json description: | Returns MAC table for a segment port operationId: GetInfraSegmentPortMacTableInCsv parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortMacAddressCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port MAC table in CSV tags: - Policy - Networking - Connectivity - Segments - Ports - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/ports/{port-id}/port-qos-profile-binding-maps: get: consumes: - application/json description: | API will list all Port QoS Profile Binding Maps in current port id. operationId: ListInfraPortQoSBindings parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port QoS Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /infra/segments/{segment-id}/ports/{port-id}/port-qos-profile-binding-maps/{port-qos-profile-binding-map-id}: delete: consumes: - application/json description: |- API will delete Port QoS Profile Binding Profile. operationId: DeleteInfraPortQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port QoS Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding get: consumes: - application/json description: | API will get Port QoS Profile Binding Map. operationId: GetInfraPortQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding patch: consumes: - application/json description: |- API will create Port QoS Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: PatchInfraPortQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string - in: body name: PortQoSProfileBindingMap required: true schema: $ref: '#/definitions/PortQoSProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding put: consumes: - application/json description: |- API will update Port QoS Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: UpdateInfraPortQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string - in: body name: PortQoSProfileBindingMap required: true schema: $ref: '#/definitions/PortQoSProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /infra/segments/{segment-id}/ports/{port-id}/port-security-profile-binding-maps: get: consumes: - application/json description: | API will list all port security profile binding maps. operationId: ListInfraSegmentPortSecurityProfileBindings parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List infra segment port security profile binding maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /infra/segments/{segment-id}/ports/{port-id}/port-security-profile-binding-maps/{port-security-profile-binding-map-id}: delete: consumes: - application/json description: | API will delete the port security profile binding map. operationId: DeleteInfraSegmentPortSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete the infra segment port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding get: consumes: - application/json description: | API will return details of the port security profile binding map. If the security profile binding map does not exist, it will return 404. operationId: GetInfraSegmentPortSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding patch: consumes: - application/json description: | Create a new port security profile binding map if the given security profile binding map does not exist. Otherwise, patch the existing port security profile binding map. For objects with no binding maps, default profile is applied. operationId: PatchInfraSegmentPortSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string - in: body name: PortSecurityProfileBindingMap required: true schema: $ref: '#/definitions/PortSecurityProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch infra segment port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding put: consumes: - application/json description: | API will create or replace the port security profile binding map. For objects with no binding maps, default profile is applied. operationId: CreateOrUpdateInfraSegmentPortSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string - in: body name: PortSecurityProfileBindingMap required: true schema: $ref: '#/definitions/PortSecurityProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace the infra segment port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /infra/segments/{segment-id}/ports/{port-id}/state: get: consumes: - application/json description: | Returns infra segment port state on enforcement point operationId: GetInfraSegmentPortState parameters: - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port state tags: - Policy - Networking - Connectivity - Segments - Ports - State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/segment-qos-profile-binding-maps: get: consumes: - application/json description: | API will list all Segment QoS Profile Binding Maps in current segment id. operationId: ListInfraSegmentQoSBindings parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentQoSProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Segment QoS Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /infra/segments/{segment-id}/segment-qos-profile-binding-maps/{segment-qos-profile-binding-map-id}: delete: consumes: - application/json description: |- API will delete Segment QoS Profile Binding Profile. operationId: DeleteInfraSegmentQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment QoS Profile Binding Map ID in: path name: segment-qos-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Segment QoS Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding get: consumes: - application/json description: | API will get Segment QoS Profile Binding Map. operationId: GetInfraSegmentQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment QoS Profile Binding Map ID in: path name: segment-qos-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Segment QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding patch: consumes: - application/json description: |- API will create segment QoS profile binding map. For objects with no binding maps, default profile is applied. operationId: PatchInfraSegmentQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment QoS Profile Binding Map ID in: path name: segment-qos-profile-binding-map-id required: true type: string - in: body name: SegmentQoSProfileBindingMap required: true schema: $ref: '#/definitions/SegmentQoSProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Segment QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding put: consumes: - application/json description: |- API will update Segment QoS Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: UpdateInfraSegmentQoSBinding parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment QoS Profile Binding Map ID in: path name: segment-qos-profile-binding-map-id required: true type: string - in: body name: SegmentQoSProfileBindingMap required: true schema: $ref: '#/definitions/SegmentQoSProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Segment QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /infra/segments/{segment-id}/segment-security-profile-binding-maps: get: consumes: - application/json description: | API will list all segment security profile binding maps. operationId: ListInfraSegmentSecurityProfileBindings parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List infra segment security profile binding maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /infra/segments/{segment-id}/segment-security-profile-binding-maps/{segment-security-profile-binding-map-id}: delete: consumes: - application/json description: | API will delete segment security profile binding map. operationId: DeleteInfraSegmentSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- segment security profile binding map id in: path name: segment-security-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete infra segment security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding get: consumes: - application/json description: | API will return details of the segment security profile binding map. If the binding map does not exist, it will return 404. operationId: GetInfraSegmentSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- segment security profile binding map id in: path name: segment-security-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding patch: consumes: - application/json description: | Create a new segment security profile binding map if the given security profile binding map does not exist. Otherwise, patch the existing segment security profile binding map. For objects with no binding maps, default profile is applied. operationId: PatchInfraSegmentSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- segment security profile binding map id in: path name: segment-security-profile-binding-map-id required: true type: string - in: body name: SegmentSecurityProfileBindingMap required: true schema: $ref: '#/definitions/SegmentSecurityProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch infra segment security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding put: consumes: - application/json description: | API will create or replace segment security profile binding map. For objects with no binding maps, default profile is applied. operationId: CreateOrUpdateInfraSegmentSecurityProfileBinding parameters: - description: |- segment id in: path name: segment-id required: true type: string - description: |- segment security profile binding map id in: path name: segment-security-profile-binding-map-id required: true type: string - in: body name: SegmentSecurityProfileBindingMap required: true schema: $ref: '#/definitions/SegmentSecurityProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace infra segment security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /infra/segments/{segment-id}/tep-table: get: consumes: - application/json description: | Returns TEP table for a segment operationId: GetInfraSegmentTepTable parameters: - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTepListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment TEP table tags: - Policy - Networking - Connectivity - Segments - TEP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}/tep-table?format=csv: get: consumes: - application/json description: | Returns TEP table for a segment in CSV operationId: GetInfraSegmentTepTableInCsv parameters: - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyTepCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment TEP table in CSV tags: - Policy - Networking - Connectivity - Segments - TEP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segment-id}?action=delete_dhcp_leases: post: consumes: - application/json description: | Delete one or multiple DHCP lease(s) specified by IP and MAC. If there is a DHCP server running upon the given segment, or this segment is using a DHCP server running in its connected Tier-0 or Tier-1, the DHCP lease(s) which match exactly the IP address and the MAC address will be deleted. If no such lease matches, the deletion for this lease will be ignored. The DHCP lease to be deleted will be removed by the system from both active and standby node. The system will report error if the DHCP lease could not be removed from both nodes. If the DHCP lease could not be removed on either node, please check the DHCP server status. Once the DHCP server status is UP, please invoke the deletion API again to ensure the lease gets deleted from both nodes. operationId: DeleteDhcpLease parameters: - in: path name: segment-id required: true type: string - in: body name: DhcpDeleteLeases required: true schema: $ref: '#/definitions/DhcpDeleteLeases' - description: Enforcement point path in: query name: enforcement_point_path type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DHCP lease(s) specified by IP and MAC tags: - Policy - Networking - IP Management - DHCP - DHCP Leases x-vmw-nsx-module: PolicyConnectivity /infra/segments/{segment-id}?force=true: delete: consumes: - application/json description: |- Force delete bypasses validations during segment deletion. This may result in an inconsistent connectivity. operationId: ForceDeleteInfraSegment parameters: - in: path name: segment-id required: true type: string - default: false description: Flag to specify whether to delete related segment ports in: query name: cascade required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Force delete infra segment tags: - Policy - Networking - Connectivity - Segments - Segments x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If segment with the segment-id is not already present, create a new segment. If it already exists, update the segment with specified attributes. Force parameter is required when workload connectivity is indirectly impacted with the current update. operationId: PatchInfraSegmentWithForce parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - in: body name: Segment required: true schema: $ref: '#/definitions/Segment' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a segment tags: - Policy - Networking - Connectivity - Segments - Segments x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If segment with the segment-id is not already present, create a new segment. If it already exists, replace the segment with this object. Force parameter is required when workload connectivity is indirectly impacted with the current replacement. Note: Extended Segment: Please note that old vpn path deprecated. If user specify old l2vpn path in the "l2_extension" object in the PATCH API payload, the path returned in the GET response payload may include the new path instead of the deprecated l2vpn path. Both old and new l2vpn path refer to same resource. there is no functional impact. Also note that l2vpn path included in the Alarm, GPRR, error messages returned from validation may include the new VPN path instead of the deprecated l2vpn path. Both new path and old vpn path refer to same resource. operationId: CreateOrReplaceInfraSegmentWithForce parameters: - description: |- Segment ID in: path name: segment-id required: true type: string - in: body name: Segment required: true schema: $ref: '#/definitions/Segment' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Segment' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a infra segment tags: - Policy - Networking - Connectivity - Segments - Segments x-vmw-nsx-module: PolicyConnectivity /infra/segments/{segments-id}/ports/{port-id}/statistics: get: consumes: - application/json description: | Get infra segment port statistics information. operationId: GetInfraSegmentPortStatistics parameters: - in: path name: segments-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port statistics information tags: - Policy - Networking - Connectivity - Segments - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segments-id}/ports/{port-id}/status: get: consumes: - application/json description: | Get infra segment port status information. operationId: GetInfraSegmentPortStatus parameters: - in: path name: segments-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment port status information tags: - Policy - Networking - Connectivity - Segments - Status x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segments-id}/state: get: consumes: - application/json description: | Get infra segment state information. operationId: GetInfraSegmentState parameters: - in: path name: segments-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentConfigurationState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment state information tags: - Policy - Networking - Connectivity - Segments - State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/segments/{segments-id}/statistics: get: consumes: - application/json description: | Get infra segment statistics information. operationId: GetInfraSegmentStatistics parameters: - in: path name: segments-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get infra segment statistics information tags: - Policy - Networking - Connectivity - Segments - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/service-chains: get: consumes: - application/json description: | List all the service chains available for service insertion operationId: ListPolicyServiceChains parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceChainListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List service chains tags: - Policy - Security - Service Insertion - Service Chains x-vmw-nsx-module: PolicyServiceInsertion /infra/service-chains/{service-chain-id}: delete: consumes: - application/json description: |- This API can be user to delete service chain with given service-chain-id. operationId: DeletePolicyServiceChain parameters: - description: |- Id of Service chain in: path name: service-chain-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Service chain tags: - Policy - Security - Service Insertion - Service Chains x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- This API can be used to read service chain with given service-chain-id. operationId: ReadServiceChain parameters: - description: |- Id of Service chain in: path name: service-chain-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceChain' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read service chain tags: - Policy - Security - Service Insertion - Service Chains x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create Service chain representing the sequence in which 3rd party services must be consumed. operationId: PatchServiceChain parameters: - description: |- Service chain id in: path name: service-chain-id required: true type: string - in: body name: PolicyServiceChain required: true schema: $ref: '#/definitions/PolicyServiceChain' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create service chain tags: - Policy - Security - Service Insertion - Service Chains x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create or update Service chain representing the sequence in which 3rd party services must be consumed. operationId: CreateServiceChain parameters: - description: |- Service chain id in: path name: service-chain-id required: true type: string - in: body name: PolicyServiceChain required: true schema: $ref: '#/definitions/PolicyServiceChain' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceChain' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update service chain tags: - Policy - Security - Service Insertion - Service Chains x-vmw-nsx-module: PolicyServiceInsertion /infra/service-chains/{service-chain-id}/service-paths: get: consumes: - application/json description: |- This API can be used to read service paths for a given service-chain-id. operationId: ReadServicePath parameters: - description: |- Id of Service chain in: path name: service-chain-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServicePathListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read service paths for a given service chain tags: - Policy - Security - Service Insertion - Service Chains x-vmw-nsx-module: PolicyServiceInsertion /infra/service-references: get: consumes: - application/json description: | List all the partner service references available for service insertion operationId: ListServiceReferences parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceReferenceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List service references tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion /infra/service-references/{service-reference-id}: delete: consumes: - application/json description: |- This API can be used to delete a service reference with the given service-reference-id. operationId: DeleteServiceReference parameters: - description: |- Id of Service Reference in: path name: service-reference-id required: true type: string - default: false description: Flag to cascade delete all children associated with service reference in: query name: cascade required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Service Reference tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- This API can be used to read service reference with the given service-reference-id. operationId: ReadServiceReference parameters: - description: |- Id of Service Reference in: path name: service-reference-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceReference' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read service reference tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create Service Reference representing the intent to consume a given 3rd party service. operationId: PatchServiceReference parameters: - description: |- Service reference id in: path name: service-reference-id required: true type: string - in: body name: ServiceReference required: true schema: $ref: '#/definitions/ServiceReference' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create service reference tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create Service Reference representing the intent to consume a given 3rd party service. operationId: CreateOrUpdateServiceReference parameters: - description: |- Service reference id in: path name: service-reference-id required: true type: string - in: body name: ServiceReference required: true schema: $ref: '#/definitions/ServiceReference' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceReference' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create service reference tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion /infra/service-references/{service-reference-id}/service-profiles: get: consumes: - application/json description: | List all the service profiles available for given service reference operationId: ListPolicyServiceProfiles parameters: - description: |- Service reference id in: path name: service-reference-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List service profiles tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion /infra/service-references/{service-reference-id}/service-profiles/{service-profile-id}: delete: consumes: - application/json description: |- This API can be used to delete service profile with given service-profile-id operationId: DeletePolicyServiceProfile parameters: - description: |- Id of Service Reference in: path name: service-reference-id required: true type: string - description: |- Service profile id in: path name: service-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Service profile tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- This API can be used to read service profile with given service-profile-id operationId: ReadPolicyServiceProfile parameters: - description: |- Id of Service Reference in: path name: service-reference-id required: true type: string - description: |- Service profile id in: path name: service-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read service profile tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: |- Create Service profile to specify vendor template attri- butes for a given 3rd party service. operationId: PatchPolicyServiceProfile parameters: - description: |- Service reference id in: path name: service-reference-id required: true type: string - description: |- Service profile id in: path name: service-profile-id required: true type: string - in: body name: PolicyServiceProfile required: true schema: $ref: '#/definitions/PolicyServiceProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create service profile tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: |- Create or update Service profile to specify vendor temp- late attributes for a given 3rd party service. operationId: CreatePolicyServiceProfile parameters: - description: |- Service reference id in: path name: service-reference-id required: true type: string - description: |- Service profile id in: path name: service-profile-id required: true type: string - in: body name: PolicyServiceProfile required: true schema: $ref: '#/definitions/PolicyServiceProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update service profile tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion /infra/service-references/{service-reference-id}/service-profiles/{service-profile-id}/group-associations: get: consumes: - application/json description: | List of Groups used in Redirection rules for a given Service Profile. operationId: GetPolicyServiceProfileGroups parameters: - description: |- Service reference id in: path name: service-reference-id required: true type: string - description: |- Service profile id in: path name: service-profile-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceProfileGroups' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Groups used in Redirection rules for a given Service Profile. tags: - Policy - Security - Service Insertion - Service References x-vmw-nsx-module: PolicyServiceInsertion /infra/service-references/{service-reference-id}/service-profiles/{service-profile-id}/service-chain-mappings: get: consumes: - application/json description: | List all service chain mappings in the system for the given service profile. If no explicit enforcement point is provided in the request, will return for default. Else, will return for specified points. operationId: ListPolicyServiceChainMappings parameters: - description: |- Service reference id in: path name: service-reference-id required: true type: string - description: |- Service profile id in: path name: service-profile-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceChainMappingListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all service chain mappings for given service profile. tags: - Policy - Security - Service Insertion - Service Chains x-vmw-nsx-module: PolicyServiceInsertion /infra/services: get: consumes: - application/json description: | Paginated list of Services for infra. operationId: ListServicesForTenant parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Fetch all default services in: query name: default_service type: boolean - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Services for infra tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy /infra/services/{service-id}: delete: consumes: - application/json description: |- Delete Service operationId: DeleteServiceForTenant parameters: - description: |- Service ID in: path name: service-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Service tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy get: consumes: - application/json description: |- Read a service operationId: ReadServiceForTenant parameters: - description: |- Service ID in: path name: service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Service' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a service tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy patch: consumes: - application/json description: | Create a new service if a service with the given ID does not already exist. Creates new service entries if populated in the service. If a service with the given ID already exists, patch the service including the nested service entries. operationId: PatchServiceForTenant parameters: - description: |- Service ID in: path name: service-id required: true type: string - in: body name: Service required: true schema: $ref: '#/definitions/Service' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a Service tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy put: consumes: - application/json description: | Create a new service if a service with the given ID does not already exist. Creates new service entries if populated in the service. If a service with the given ID already exists, update the service including the nested service entries. This is a full replace. operationId: UpdateServiceForTenant parameters: - description: |- Service ID in: path name: service-id required: true type: string - in: body name: Service required: true schema: $ref: '#/definitions/Service' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Service' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Service tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy /infra/services/{service-id}/service-entries: get: consumes: - application/json description: | Paginated list of Service entries for the given service operationId: ListServiceEntries parameters: - description: |- Service ID in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceEntryListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Service entries for the given service tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy /infra/services/{service-id}/service-entries/{service-entry-id}: delete: consumes: - application/json description: |- Delete Service entry operationId: DeleteServiceEntry parameters: - description: |- Service ID in: path name: service-id required: true type: string - description: |- Service entry ID in: path name: service-entry-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Service entry tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy get: consumes: - application/json description: |- Service entry operationId: ReadServiceEntry parameters: - description: |- Service ID in: path name: service-id required: true type: string - description: |- Service entry ID in: path name: service-entry-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceEntry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Service entry tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy patch: consumes: - application/json description: | If a service entry with the service-entry-id is not already present, create a new service entry. If it already exists, patch the service entry. operationId: PatchServiceEntry parameters: - description: |- Service ID in: path name: service-id required: true type: string - description: |- Service entry ID in: path name: service-entry-id required: true type: string - in: body name: ServiceEntry required: true schema: $ref: '#/definitions/ServiceEntry' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a ServiceEntry tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy put: consumes: - application/json description: | If a service entry with the service-entry-id is not already present, create a new service entry. If it already exists, update the service entry. operationId: UpdateServiceEntry parameters: - description: |- Service ID in: path name: service-id required: true type: string - description: |- Service entry ID in: path name: service-entry-id required: true type: string - in: body name: ServiceEntry required: true schema: $ref: '#/definitions/ServiceEntry' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceEntry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a ServiceEntry tags: - Policy - Inventory - Services x-vmw-nsx-module: Policy /infra/session-timer-profiles/{session-timer-profile-id}/bindings: get: consumes: - application/json description: |- API will list all Session Timer Profiles bindings. operationId: ListSessionTimerProfileBindings parameters: - in: path name: session-timer-profile-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Session Timer Profiles tags: - Policy - Security - Security Profiles - Session Timer Profiles x-vmw-nsx-module: PolicyProfile /infra/settings/firewall/cpu-mem-thresholds-profile-binding-maps: get: consumes: - application/json description: | API will list all Firewall CPU Memory Thresholds Profile Binding Maps. operationId: ListPolicyFirewallCPUMemThresholdsProfileBindingMaps parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallCPUMemThresholdsProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Firewall CPU Memory Thresholds Profile Binding Maps tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding /infra/settings/firewall/cpu-mem-thresholds-profile-binding-maps/{cpu-mem-thresholds-profile-binding-map-id}: delete: consumes: - application/json description: |- API will delete Firewall CPU Memory Thresholds Profile Binding. operationId: DeletePolicyFirewallCPUMemThresholdsProfileBindingMap parameters: - description: |- Firewall CPU Memory Thresholds Profile Binding Map ID in: path name: cpu-mem-thresholds-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Firewall CPU Memory Thresholds Profile Binding tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding get: consumes: - application/json description: | API will get Firewall CPU Memory Thresholds Profile Binding Map. operationId: GetPolicyFirewallCPUMemThresholdsProfileBindingMap parameters: - description: |- Firewall CPU Memory Thresholds Profile Binding Map ID in: path name: cpu-mem-thresholds-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallCPUMemThresholdsProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Firewall CPU Memory Thresholds Profile Binding Map tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding patch: consumes: - application/json description: |- API will create or update Firewall CPU Memory Thresholds Profile binding map. operationId: PatchPolicyFirewallCPUMemThresholdsProfileBindingMap parameters: - description: |- Firewall CPU Memory Thresholds Profile Binding Map ID in: path name: cpu-mem-thresholds-profile-binding-map-id required: true type: string - in: body name: PolicyFirewallCPUMemThresholdsProfileBindingMap required: true schema: $ref: '#/definitions/PolicyFirewallCPUMemThresholdsProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Firewall CPU Memory Thresholds Profile Binding Map tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding put: consumes: - application/json description: |- API will update Firewall CPU Memory Thresholds Profile Binding Map. operationId: UpdatePolicyFirewallCPUMemThresholdsProfileBindingMap parameters: - description: |- Firewall CPU Memory Thresholds Profile Binding Map ID in: path name: cpu-mem-thresholds-profile-binding-map-id required: true type: string - in: body name: PolicyFirewallCPUMemThresholdsProfileBindingMap required: true schema: $ref: '#/definitions/PolicyFirewallCPUMemThresholdsProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallCPUMemThresholdsProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Firewall CPU Memory Thresholds Profile Binding Map tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding /infra/settings/firewall/cpu-mem-thresholds-profiles: get: consumes: - application/json description: |- List all CPU and memory thresholds profiles. operationId: ListCPUMemThresholdsProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all CPU and memory thresholds profiles tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyProfile /infra/settings/firewall/cpu-mem-thresholds-profiles/{profile-id}: delete: consumes: - application/json description: |- Delete CPU and memory thresholds profile. operationId: DeleteCPUMemThresholdsProfile parameters: - in: path name: profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete CPU and memory thresholds profile tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyProfile get: consumes: - application/json description: |- Read the CPU and memory thresholds profile. operationId: ReadCPUMemThresholdsProfile parameters: - in: path name: profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the CPU and memory thresholds profile tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyProfile patch: consumes: - application/json description: |- Create or update CPU and memory thresholds profile. operationId: PatchCPUMemThresholdsProfile parameters: - in: path name: profile-id required: true type: string - in: body name: PolicyFirewallCpuMemThresholdsProfile required: true schema: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update CPU and memory thresholds profile tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyProfile put: consumes: - application/json description: |- Create or update CPU and memory thresholds profile. operationId: UpdateCPUMemThresholdsProfile parameters: - in: path name: profile-id required: true type: string - in: body name: PolicyFirewallCpuMemThresholdsProfile required: true schema: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update CPU and memory thresholds profile tags: - Policy - Security - Security Profiles - Cpu Memory Thresholds Profiles x-vmw-nsx-module: PolicyProfile /infra/settings/firewall/export: get: consumes: - application/json description: | Get the information of the latest export task. operationId: GetExportTask produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ExportTask' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the information of export task tags: - Policy - Security - East West Security - Distributed Firewall - Task x-vmw-nsx-module: PolicyTask post: consumes: - application/json description: | Invoke export task. There can be only one export task run at any point of time. Hence invocation of another export task will be discarded, when there exist an already running export task. Exported configuration will be in a CSV format. This CSV file will be zipped into a ZIP file, that can be downloaded after the completion of export task. operationId: InvokeExportTask parameters: - in: body name: ExportRequestParameter required: true schema: $ref: '#/definitions/ExportRequestParameter' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ExportTask' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Invoke export task tags: - Policy - Security - East West Security - Distributed Firewall - Task x-vmw-nsx-module: PolicyTask /infra/settings/firewall/export?action=cancel: post: consumes: - application/json description: | This operation cancels an export task. Task needs to be in running state. operationId: CancelExportTask produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ExportTask' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Cancel a running export task tags: - Policy - Security - East West Security - Distributed Firewall - Task x-vmw-nsx-module: PolicyTask /infra/settings/firewall/export?action=download: get: consumes: - application/json description: | Download the exported file generated from the last export task. operationId: DownloadExportedFile produces: - application/octet-stream responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Download exported file tags: - Policy - Security - East West Security - Distributed Firewall - Task x-vmw-nsx-module: PolicyTask /infra/settings/firewall/gateway/dependent-services: get: consumes: - application/json description: | Get the list of gateway firewall dependent services operationId: GetGatewayFirewallDependentServices produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DependentServices' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of gateway firewall dependent services tags: - Policy - Security - North South Security - Gateway Firewall - Settings - Firewall Configuration x-vmw-nsx-module: PolicyFirewallConfiguration /infra/settings/firewall/idfw/cluster: get: consumes: - application/json description: | API will list all compute cluster wise identity firewall configuration operationId: ListComputeClusterIdfwConfiguration parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ComputeClusterIdfwConfigurationListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List compute cluster idfw Configuration tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Identity Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration /infra/settings/firewall/idfw/cluster/{cluster-id}: delete: consumes: - application/json description: |- Delete compute cluster identity firewall configuration. operationId: DeleteComputeClusterIdfwConfiguration parameters: - description: |- Cluster ID in: path name: cluster-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete compute cluster idfw configuration tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Identity Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration get: consumes: - application/json description: | Read compute cluster identity firewall configuration operationId: GetComputeClusterIdfwConfiguration parameters: - description: |- Cluster ID in: path name: cluster-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ComputeClusterIdfwConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read compute cluster idfw configuration tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Identity Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration patch: consumes: - application/json description: |- Patch compute cluster identity firewall configuration. operationId: PatchComputeClusterIdfwConfiguration parameters: - description: |- Cluster ID in: path name: cluster-id required: true type: string - in: body name: ComputeClusterIdfwConfiguration required: true schema: $ref: '#/definitions/ComputeClusterIdfwConfiguration' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch compute cluster idfw configuration tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Identity Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration put: consumes: - application/json description: |- Update the compute cluster idfw configuration operationId: PutComputeClusterIdfwConfiguration parameters: - description: |- Cluster ID in: path name: cluster-id required: true type: string - in: body name: ComputeClusterIdfwConfiguration required: true schema: $ref: '#/definitions/ComputeClusterIdfwConfiguration' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ComputeClusterIdfwConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update compute cluster idfw configuration tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Identity Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration /infra/settings/firewall/idfw/compute-collections/status: get: consumes: - application/json description: |- Get IDFW status for all Compute Collections operationId: GetIDFWStatusForAllComputeCollections parameters: - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdfwComputeCollectionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDFW status for all Compute Collections tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/settings/firewall/idfw/compute-collections/{compute-collection-id}/status: get: consumes: - application/json description: |- Get IDFW status for a specific Compute Collection operationId: GetIDFWStatusForAComputeCollection parameters: - description: |- Compute colelction id in: path name: compute-collection-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdfwComputeCollectionStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDFW status for a Compute Collection tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/settings/firewall/idfw/compute-collections/{compute-collection-id}/transport-nodes/status: get: consumes: - application/json description: | This API will list all transport node and statuses based on idfw enabled compute collection ID. operationId: ListIDFWStatusForAllTransportNodesInAComputeCollection parameters: - description: |- Compute colelction id in: path name: compute-collection-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdfwTransportNodeStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IDFW status for Transport Nodes in a Compute Collection tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/settings/firewall/idfw/group-vm-details: get: consumes: - application/json description: | Get all Identity Firewall Group VM details for a given Group. operationId: GetGroupVmDetails parameters: - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: String Path of the group in: query name: group_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIdfwGroupVmDetailListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get all IDFW Group VM details for a given Group tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/settings/firewall/idfw/standalone-host-switch-setting: get: consumes: - application/json description: | Read identity firewall configuration for standalone host operationId: GetStandaloneHostIdfwConfiguration produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StandaloneHostIdfwConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read idfw configuration for standalone host tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Identity Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration patch: consumes: - application/json description: |- Patch identity firewall configuration for standalone host operationId: PatchStandaloneHostIdfwConfiguration parameters: - in: body name: StandaloneHostIdfwConfiguration required: true schema: $ref: '#/definitions/StandaloneHostIdfwConfiguration' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch idfw configuration for standalone host tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Identity Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration put: consumes: - application/json description: |- Update the idfw configuration for standalone host operationId: PutStandaloneHostIdfwConfiguration parameters: - in: body name: StandaloneHostIdfwConfiguration required: true schema: $ref: '#/definitions/StandaloneHostIdfwConfiguration' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StandaloneHostIdfwConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update idfw configuration for standalone host tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Identity Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration /infra/settings/firewall/idfw/system-stats: get: consumes: - application/json description: | It will get IDFW system statistics data. operationId: GetIDFWSystemStatisticsData parameters: - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdfwSystemStats' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDFW system statistics data tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/settings/firewall/idfw/transport-nodes/{transport-node-id}/vms/status: get: consumes: - application/json description: | This API will list all VMs and statuses based on transport node ID of idfw enabled compute collection. operationId: ListVirtualMachineIDFWStatusByTransportNode parameters: - description: |- Transport node id in: path name: transport-node-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdfwVirtualMachineStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IDFW status of VMs by transport node id tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/settings/firewall/idfw/user-session-data: get: consumes: - application/json description: | It will get user session data. operationId: GetUserSessionData parameters: - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdfwUserSessionDataAndMappings' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get user session data tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/settings/firewall/idfw/user-stats/{user-id}: get: consumes: - application/json description: | It will get IDFW user login events for a given user. operationId: GetUserLoginEvents parameters: - description: |- User id in: path name: user-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdfwUserStats' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDFW user login events for a given user tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/settings/firewall/idfw/vm-stats/{vm-id}: get: consumes: - application/json description: | It will get IDFW user login events for a given VM (all active plus up to 5 most recent archived entries). operationId: GetUserLoginEventsForAVM parameters: - description: |- VM id in: path name: vm-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdfwVmStats' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDFW user login events for a given VM tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Firewall Identity Store x-vmw-nsx-module: PolicyIdentity /infra/settings/firewall/import: get: consumes: - application/json description: | Get the information of the latest import task. operationId: GetImportTask produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ImportTask' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the information of import task tags: - Policy - Security - East West Security - Distributed Firewall - Task x-vmw-nsx-module: PolicyTask /infra/settings/firewall/import?action=cancel: post: consumes: - application/json description: | This operation cancels an import task. Task needs to be in running state. operationId: CancelImportTask produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ImportTask' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Cancel a running import task tags: - Policy - Security - East West Security - Distributed Firewall - Task x-vmw-nsx-module: PolicyTask /infra/settings/firewall/security: get: consumes: - application/json description: |- Get the current dfw firewall configurations. operationId: GetDfwFirewallConfiguration produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DfwFirewallConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get dfw firewall configuration tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Distributed Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration patch: consumes: - application/json description: | Update dfw firewall related configurations. operationId: PatchDfwFirewallConfiguration parameters: - in: body name: DfwFirewallConfiguration required: true schema: $ref: '#/definitions/DfwFirewallConfiguration' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update dfw firewall configuration tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Distributed Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration put: consumes: - application/json description: | Update dfw firewall related configurations. operationId: PutDfwFirewallConfiguration parameters: - in: body name: DfwFirewallConfiguration required: true schema: $ref: '#/definitions/DfwFirewallConfiguration' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DfwFirewallConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update dfw firewall configuration tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Distributed Firewall Settings x-vmw-nsx-module: PolicyFirewallConfiguration /infra/settings/firewall/security/dependent-services: get: consumes: - application/json description: | Get the list of distributed firewall dependent services operationId: GetDistributedFirewallDependentServices produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DependentServices' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of distributed firewall dependent services tags: - Policy - Security - East West Security - Distributed Firewall - Settings x-vmw-nsx-module: PolicyFirewallConfiguration /infra/settings/firewall/security/exclude-list: get: consumes: - application/json description: | Read exclude list for firewall operationId: GetFirewallExcludeList produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyExcludeList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read security policy exclude list tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Exclusion List x-vmw-nsx-module: PolicyFirewallConfiguration patch: consumes: - application/json description: | Patch exclusion list for security policy. operationId: PatchExcludeList parameters: - in: body name: PolicyExcludeList required: true schema: $ref: '#/definitions/PolicyExcludeList' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch exclusion list for security policy tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Exclusion List x-vmw-nsx-module: PolicyFirewallConfiguration put: consumes: - application/json description: | Update the exclusion list for security policy operationId: PutExcludeList parameters: - in: body name: PolicyExcludeList required: true schema: $ref: '#/definitions/PolicyExcludeList' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyExcludeList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update exclusion list for security policy tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Exclusion List x-vmw-nsx-module: PolicyFirewallConfiguration /infra/settings/firewall/security/exclude-list?action=filter: post: consumes: - application/json description: | Filter the firewall exclude list by the given object, to check whether the object is a member of this exclude list. operationId: FilterFirewallExcludeList parameters: - default: false description: Check all parents in: query name: deep_check required: false type: boolean - description: Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Path of the intent object to be searched in the exclude list in: query name: intent_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReference' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Filter the firewall exclude list tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Exclusion List x-vmw-nsx-module: PolicyFirewallConfiguration /infra/settings/firewall/security/exclude-list?system_owned=true: get: consumes: - application/json description: | Read security policy exclude list including system and user excluded members. operationId: GetInternalFirewallExcludeList produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyExcludeList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read security policy exclude list including system and user excluded members tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Exclusion List x-vmw-nsx-module: PolicyFirewallConfiguration /infra/settings/firewall/security/intrusion-services: get: consumes: - application/json description: | Intrusion detection system settings. operationId: GetIdsSettings produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSettings' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS system settings tags: - Policy - Security - East West Security - Distributed IDS - Intrusion Services x-vmw-nsx-module: PolicyIDS patch: consumes: - application/json description: | Intrusion detection system settings. operationId: PatchIdsSettings parameters: - in: body name: IdsSettings required: true schema: $ref: '#/definitions/IdsSettings' responses: '202': description: Accepted '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch Intrusion detection system settings tags: - Policy - Security - East West Security - Distributed IDS - Intrusion Services x-vmw-nsx-module: PolicyIDS put: consumes: - application/json description: | Intrusion detection system settings. operationId: UpdateIdsSettings parameters: - in: body name: IdsSettings required: true schema: $ref: '#/definitions/IdsSettings' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSettings' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Intrusion detection system settings tags: - Policy - Security - East West Security - Distributed IDS - Intrusion Services x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/affected-ips: post: consumes: - application/json description: | Get the list of IP addresses affected pertaining to a specific signature for intrusion events detected on gateway. operationId: GetPolicyAffectedIps parameters: - in: body name: PolicyIdsEventDataRequest required: true schema: $ref: '#/definitions/PolicyIdsEventDataRequest' - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIdsIpList' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of the IPs affected for that signature for intrusion events detected on gateway tags: - Policy - Security - East West Security - Distributed IDS - Dashboard x-vmw-nsx-module: PolicyIDSMetrics /infra/settings/firewall/security/intrusion-services/affected-users: post: consumes: - application/json description: | Get the list of the users affected pertaining to a specific signature. operationId: GetPolicyAffectedUsers parameters: - in: body name: PolicyIdsEventDataRequest required: true schema: $ref: '#/definitions/PolicyIdsEventDataRequest' - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIdsUserList' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of the users affected for that signature tags: - Policy - Security - East West Security - Distributed IDS - Dashboard x-vmw-nsx-module: PolicyIDSMetrics /infra/settings/firewall/security/intrusion-services/affected-vms: post: consumes: - application/json description: | Get the list of the VMs affected pertaining to a specific signature. operationId: GetPolicyAffectedVms parameters: - in: body name: PolicyIdsEventDataRequest required: true schema: $ref: '#/definitions/PolicyIdsEventDataRequest' - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIdsVmList' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of the VMs affected for that signature tags: - Policy - Security - East West Security - Distributed IDS - Dashboard x-vmw-nsx-module: PolicyIDSMetrics /infra/settings/firewall/security/intrusion-services/cluster-configs: get: consumes: - application/json description: | List intrusion detection system cluster configs. operationId: ListIdsClusterConfigs parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsClusterConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IDS cluster configs tags: - Policy - Security - East West Security - Distributed IDS - Settings - Enablement x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/cluster-configs/{cluster-config-id}: get: consumes: - application/json description: | Read intrusion detection system cluster config operationId: GetIdsClusterConfig parameters: - description: |- User entered ID in: path name: cluster-config-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsClusterConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read IDS cluster config. tags: - Policy - Security - East West Security - Distributed IDS - Settings - Enablement x-vmw-nsx-module: PolicyIDS patch: consumes: - application/json description: |- Patch intrusion detection system on cluster level. operationId: PatchIdsClusterConfig parameters: - description: |- User entered ID in: path name: cluster-config-id required: true type: string - in: body name: IdsClusterConfig required: true schema: $ref: '#/definitions/IdsClusterConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IDS config on cluster level tags: - Policy - Security - East West Security - Distributed IDS - Settings - Enablement x-vmw-nsx-module: PolicyIDS put: consumes: - application/json description: |- Update intrusion detection system on cluster level. operationId: CreateOrUpdateIdsClusterConfig parameters: - description: |- User entered ID in: path name: cluster-config-id required: true type: string - in: body name: IdsClusterConfig required: true schema: $ref: '#/definitions/IdsClusterConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsClusterConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- create or update IDS config on cluster level tags: - Policy - Security - East West Security - Distributed IDS - Settings - Enablement x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/global-signatures: get: consumes: - application/json description: | List global intrusion detection signatures. operationId: ListGlobalIdsSignatures parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GlobalIdsSignatureListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Global IDS signatures tags: - Policy - Security - East West Security - Distributed IDS - Settings - Signatures x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/global-signatures/{signature-id}: delete: consumes: - application/json description: | Delete global intrusion detection signature. operationId: DeleteGlobalIdsSignature parameters: - description: |- Signature ID in: path name: signature-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Global IDS signature tags: - Policy - Security - East West Security - Distributed IDS - Settings - Signatures x-vmw-nsx-module: PolicyIDS get: consumes: - application/json description: | Read global intrusion detection signature operationId: GetGlobalIdsSignature parameters: - description: |- Signature ID in: path name: signature-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GlobalIdsSignature' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Global IDS signature. tags: - Policy - Security - East West Security - Distributed IDS - Settings - Signatures x-vmw-nsx-module: PolicyIDS patch: consumes: - application/json description: |- Patch global intrusion detection system signature. operationId: PatchGlobalIdsSignature parameters: - description: |- Signature ID in: path name: signature-id required: true type: string - in: body name: GlobalIdsSignature required: true schema: $ref: '#/definitions/GlobalIdsSignature' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch Global IDS Signature tags: - Policy - Security - East West Security - Distributed IDS - Settings - Signatures x-vmw-nsx-module: PolicyIDS put: consumes: - application/json description: |- Update global intrusion detection signature. operationId: CreateOrUpdateGlobalIdsSignature parameters: - description: |- Signature ID in: path name: signature-id required: true type: string - in: body name: GlobalIdsSignature required: true schema: $ref: '#/definitions/GlobalIdsSignature' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GlobalIdsSignature' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- create or update Global IDS Signature tags: - Policy - Security - East West Security - Distributed IDS - Settings - Signatures x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/ids-events: post: consumes: - application/json description: | Get the list of the IDS events that are detected with the total number of intrusions detected, their severity and the time they occurred, grouped by signature id. operationId: GetPolicyAllIdsEvents parameters: - in: body name: PolicyIdsEventDataRequest required: true schema: $ref: '#/definitions/PolicyIdsEventDataRequest' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIdsEventsBySignatureResult' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of the IDS events that are detected, grouped by signature id. tags: - Policy - Security - East West Security - Distributed IDS - Dashboard x-vmw-nsx-module: PolicyIDSMetrics /infra/settings/firewall/security/intrusion-services/ids-standalone-host-config: get: consumes: - application/json description: | Read intrusion detection system config of standalone hosts. operationId: GetIdsStandaloneHostConfig produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsStandaloneHostConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read IDS config tags: - Policy - Security - East West Security - Distributed IDS - Settings - Enablement x-vmw-nsx-module: PolicyIDS patch: consumes: - application/json description: |- Patch intrusion detection system configuration on standalone hosts. operationId: PatchIdsStandaloneHostConfig parameters: - in: body name: IdsStandaloneHostConfig required: true schema: $ref: '#/definitions/IdsStandaloneHostConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IDS configuration tags: - Policy - Security - East West Security - Distributed IDS - Settings - Enablement x-vmw-nsx-module: PolicyIDS put: consumes: - application/json description: |- Update intrusion detection system configuration on standalone hosts. operationId: CreateOrUpdateIdsStandaloneHostConfig parameters: - in: body name: IdsStandaloneHostConfig required: true schema: $ref: '#/definitions/IdsStandaloneHostConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsStandaloneHostConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update IDS configuration tags: - Policy - Security - East West Security - Distributed IDS - Settings - Enablement x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/ids-summary: post: consumes: - application/json description: | Get the summary of all the intrusions that are detected grouped by signature with details including signature name, id, severity, attack type, protocol, first and recent occurence, and affected users and VMs. The following filter criteria are supported: attack target, attack type, gateway name, IP address, product affected, signature ID and VM name. operationId: GetPolicyIdsDashboardSummary parameters: - in: body name: PolicyIdsEventDataRequest required: true schema: $ref: '#/definitions/PolicyIdsEventDataRequest' - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIdsSummaryListResult' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the summary of the intrusions that were detected. tags: - Policy - Security - East West Security - Distributed IDS - Dashboard x-vmw-nsx-module: PolicyIDSMetrics /infra/settings/firewall/security/intrusion-services/profiles: get: consumes: - application/json description: | List intrusion detection profiles. operationId: ListIdsProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IDS profiles tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/profiles/{profile-id}: delete: consumes: - application/json description: | Delete intrusion detection profile. operationId: DeleteIdsProfile parameters: - description: |- Profile ID in: path name: profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IDS profile tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyIDS get: consumes: - application/json description: | Read intrusion detection profile operationId: GetIdsProfile parameters: - description: |- Profile ID in: path name: profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS profile. tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyIDS patch: consumes: - application/json description: |- Patch intrusion detection system profile. operationId: PatchIdsProfile parameters: - description: |- Profile ID in: path name: profile-id required: true type: string - in: body name: IdsProfile required: true schema: $ref: '#/definitions/IdsProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch IDS profile tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyIDS put: consumes: - application/json description: |- Update intrusion detection profile. operationId: CreateOrUpdateIdsProfile parameters: - description: |- Profile ID in: path name: profile-id required: true type: string - in: body name: IdsProfile required: true schema: $ref: '#/definitions/IdsProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- create or update IDS profile tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/profiles/{profile-id}/effective-signatures: get: consumes: - application/json description: | Get all the IDS signatures attached to the Profile. operationId: GetIdsProfileSignatures parameters: - description: |- Profile ID in: path name: profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsProfileSignatures' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS profile signatures. tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/signature-versions: get: consumes: - application/json description: | Intrusion detection system signature versions. operationId: GetIdsSignatureVersions parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSignatureVersionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS signature versions tags: - Policy - Security - East West Security - Distributed IDS - Settings - Signatures x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/signature-versions/{version-id}/signatures: get: consumes: - application/json description: | List intrusion detection system signatures. operationId: ListIdsSignatures parameters: - in: path name: version-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSignatureListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List IDS signatures tags: - Policy - Security - East West Security - Distributed IDS - Settings - Signatures x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/signature-versions?action=make_active_version: post: consumes: - application/json description: | Make this IDS Signature version as ACTIVE version and other versions as NOTACTIVE. operationId: MakeVersionAsActive parameters: - in: body name: IdsSignatureVersion required: true schema: $ref: '#/definitions/IdsSignatureVersion' responses: '202': description: Accepted '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Change the state of IDS Signature Version tags: - Policy - Security - East West Security - Distributed IDS - Settings - Signatures x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/signatures/status: get: consumes: - application/json description: | Intrusion detection system signatures status. operationId: GetIdsSignatureStatus produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IdsSignatureStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IDS signature status tags: - Policy - Security - East West Security - Distributed IDS - Settings - Signatures x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/signatures?action=update_signatures: post: consumes: - application/json description: | Trigger the process to Download and update the IDS signatures manually. operationId: UpdateIdsSignatures responses: '202': description: Accepted '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Download and update IDS signatures tags: - Policy - Security - East West Security - Distributed IDS - Settings - Signatures x-vmw-nsx-module: PolicyIDS /infra/settings/firewall/security/intrusion-services/stats?action=reset: post: consumes: - application/json description: | Sets IDS/IPS rule statistics counter to zero. - no enforcement point path specified: Reset of stats will be executed for each enforcement point. - {enforcement_point_path}: Reset of stats will be executed only for the given enforcement point. operationId: ResetIdsRuleStats parameters: - default: IDPSDFW description: Aggregation statistic category enum: - IDPSDFW - IDPSEDGE in: query name: category required: false type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset IDS/IPS rule statistics tags: - Policy - Security - East West Security - Distributed IDS - Rules - Statistics x-vmw-nsx-module: PolicyIDSStats /infra/settings/firewall/security/malware-prevention-service/profiles: get: consumes: - application/json description: | List Malware Prevention profiles. operationId: ListMalwarePreventionProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MalwarePreventionProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Malware Prevention profiles tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyAntiMalware /infra/settings/firewall/security/malware-prevention-service/profiles/{profile-id}: delete: consumes: - application/json description: | Delete Malware Prevention profile. operationId: DeleteMalwarePreventionProfile parameters: - description: |- Profile ID in: path name: profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Malware Prevention profile tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyAntiMalware get: consumes: - application/json description: | Read Malware Prevention profile operationId: GetMalwarePreventionProfile parameters: - description: |- Profile ID in: path name: profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MalwarePreventionProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Malware Prevention profile. tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyAntiMalware patch: consumes: - application/json description: |- Patch Malware Prevention profile. operationId: PatchMalwarePreventionProfile parameters: - description: |- Profile ID in: path name: profile-id required: true type: string - in: body name: MalwarePreventionProfile required: true schema: $ref: '#/definitions/MalwarePreventionProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch Malware Prevention profile tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyAntiMalware put: consumes: - application/json description: |- Patch Malware Prevention profile. operationId: CreateOrUpdateMalwarePreventionProfile parameters: - description: |- Profile ID in: path name: profile-id required: true type: string - in: body name: MalwarePreventionProfile required: true schema: $ref: '#/definitions/MalwarePreventionProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MalwarePreventionProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch Malware Prevention profile tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyAntiMalware /infra/settings/firewall/security/malware-prevention-service/signatures: get: consumes: - application/json description: | List Malware Prevention signatures. operationId: ListMalwarePreventionSignatures parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MalwarePreventionSignatureListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Malware Prevention signatures tags: - Policy - Security - East West Security - Distributed IDS - Profiles x-vmw-nsx-module: PolicyAntiMalware /infra/settings/firewall/stats?action=reset: post: consumes: - application/json description: | Sets firewall rule statistics counter to zero. This operation is supported for given category, for example: DFW i.e. for all layer3 firewall (transport nodes only) rules or EDGE i.e. for all layer3 edge firewall (edge nodes only) rules. - no enforcement point path specified: On global manager, it is mandatory to give an enforcement point path. On local manager, reset of stats will be executed for each enforcement point. - {enforcement_point_path}: Reset of stats will be executed only for the given enforcement point. operationId: ResetRuleStats parameters: - description: Aggregation statistic category enum: - DFW - EDGE in: query name: category required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset firewall rule statistics tags: - Policy - Security - East West Security - Distributed Firewall - Statistics x-vmw-nsx-module: DfwSecurityPolicy /infra/settings/service-insertion/security/exclude-list: get: consumes: - application/json description: | Read exclude list for service insertion operationId: GetSiExcludeList produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicySIExcludeList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Default API to read service insertion exclude list with system owned members filtered out tags: - Policy - Security - Service Insertion - Settings - Exclusion List x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Patch service insertion exclusion list for security policy. operationId: PatchSiExcludeList parameters: - in: body name: PolicySIExcludeList required: true schema: $ref: '#/definitions/PolicySIExcludeList' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch service insertion exclusion list for security policy tags: - Policy - Security - Service Insertion - Settings - Exclusion List x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Update the exclusion list for service insertion policy operationId: UpdateSiExcludeList parameters: - in: body name: PolicySIExcludeList required: true schema: $ref: '#/definitions/PolicySIExcludeList' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicySIExcludeList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update service insertion exclusion list tags: - Policy - Security - Service Insertion - Settings - Exclusion List x-vmw-nsx-module: PolicyServiceInsertion /infra/settings/service-insertion/security/exclude-list?system_owned=true: get: consumes: - application/json description: | Read exclude list for service insertion operationId: GetInternalSiExcludeList produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicySIExcludeList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Additional API to read service insertion exclude list without filtering out the system owned members tags: - Policy - Security - Service Insertion - Settings - Exclusion List x-vmw-nsx-module: PolicyServiceInsertion /infra/settings/service-insertion/security/status: get: consumes: - application/json description: |- Get the current service insertion status configuration. operationId: GetSiStatus produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicySIStatusConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get service insertion configuration status tags: - Policy - Security - Service Insertion - Settings - Configuration Status x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Update service insertion status. operationId: PatchSiStatus parameters: - in: body name: PolicySIStatusConfiguration required: true schema: $ref: '#/definitions/PolicySIStatusConfiguration' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update service insertion status configuration tags: - Policy - Security - Service Insertion - Settings - Configuration Status x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Update service insertion status. operationId: UpdateSiStatus parameters: - in: body name: PolicySIStatusConfiguration required: true schema: $ref: '#/definitions/PolicySIStatusConfiguration' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicySIStatusConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update service insertion status configuration tags: - Policy - Security - Service Insertion - Settings - Configuration Status x-vmw-nsx-module: PolicyServiceInsertion /infra/sha/appliances/latency/status: get: consumes: - application/json description: | Get the details of latency status for all appliances operationId: GetAllApplianceLatencyData parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ApplianceLatencyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get the details of latency status for all appliances tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyShaAppliance /infra/sha/appliances/process/status: get: consumes: - application/json description: |- Get the list of process status for all appliances. operationId: GetProcessDataForAllAppliance parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ApplianceProcessListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of process status for all appliances. tags: - Policy - Monitoring - System Health Agent - Appliance x-vmw-nsx-module: PolicyShaAppliance /infra/sha/appliances/{appliance-id}/latency/status: get: consumes: - application/json description: | Get the details of latency status in given appliance. operationId: GetApplianceLatencyData parameters: - description: |- ID of appliance node in: path name: appliance-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ApplianceLatencyData' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get the details of latency status in given appliance. tags: - Policy - Monitoring - System Health Agent - Appliance x-vmw-nsx-module: PolicyShaAppliance /infra/sha/appliances/{appliance-id}/process/status: get: consumes: - application/json description: |- Get the details of process status in given appliance. operationId: GetProcessDataForAppliance parameters: - description: |- ID of appliance node in: path name: appliance-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ApplianceProcessData' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the details of process status in given appliance. tags: - Policy - Monitoring - System Health Agent - Appliance x-vmw-nsx-module: PolicyShaAppliance /infra/sha/dynamic-plugins: get: consumes: - application/json description: | API will provide list of Sha dynamic plugins. operationId: ListShaDynamicPlugins parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaDynamicPluginListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- API will provide list of Sha dynamic plugin list. tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /infra/sha/dynamic-plugins/{plugin-id}: delete: consumes: - application/json description: | Read Sha dynamic plugin. operationId: DeleteShaDynamicPlugin parameters: - description: |- Plugin filename in: path name: plugin-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Sha dynamic plugin tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha get: consumes: - application/json description: | Read Sha dynamic plugin. operationId: ReadShaDynamicPlugin parameters: - description: |- Plugin filename in: path name: plugin-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaDynamicPlugin' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Sha dynamic plugin tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha patch: consumes: - application/json description: | Upload Sha dynamic plugin content. operationId: PatchShaDynamicPlugin parameters: - description: |- Sha pre-defined plugin in: path name: plugin-id required: true type: string - in: body name: ShaDynamicPlugin required: true schema: $ref: '#/definitions/ShaDynamicPlugin' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaDynamicPlugin' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Upload Sha dynamic plugin tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha put: consumes: - application/json description: | Create Sha dynamic plugin. operationId: CreateOrReplaceShaDynamicPlugin parameters: - description: |- Sha plugin id in: path name: plugin-id required: true type: string - in: body name: ShaDynamicPlugin required: true schema: $ref: '#/definitions/ShaDynamicPlugin' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaDynamicPlugin' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Sha dynamic plugin tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /infra/sha/dynamic-plugins/{plugin-id}/files/{file-name}: post: consumes: - multipart/form-data description: | Upload Sha dynamic plugin content. operationId: UploadShaDynamicPlugin parameters: - description: |- Sha plugin ID in: path name: plugin-id required: true type: string - description: |- Plugin file name in: path name: file-name required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DynamicPluginFileProperties' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Upload Sha dynamic plugin tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /infra/sha/plugin-profiles: get: consumes: - application/json description: | API will provide list of SHA profile. operationId: ListShaPluginProfiles parameters: - description: String Path of the Policy group path in: query name: applied_to_group_path required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: String Path of the sha plugin in: query name: plugin_path required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaPluginProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- API will provide list of SHA profile. tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /infra/sha/plugin-profiles/{sha-profile-id}: delete: consumes: - application/json description: | Delete Sha profile. operationId: DeleteShaPluginProfile parameters: - description: |- Sha profile id in: path name: sha-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete SHA profile tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha get: consumes: - application/json description: | API will return Sha profile. operationId: ReadShaPluginProfile parameters: - description: |- Sha profile id in: path name: sha-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaPluginProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- API will return Sha profile tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha patch: consumes: - application/json description: | Create or Replace Sha profile. operationId: PatchShaPluginProfile parameters: - description: |- Sha profile id in: path name: sha-profile-id required: true type: string - in: body name: ShaPluginProfile required: true schema: $ref: '#/definitions/ShaPluginProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaPluginProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace SHA profile tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha put: consumes: - application/json description: | Create or Replace Sha profile. operationId: CreateOrReplaceShaPluginProfile parameters: - description: |- Sha profile id in: path name: sha-profile-id required: true type: string - in: body name: ShaPluginProfile required: true schema: $ref: '#/definitions/ShaPluginProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaPluginProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Replace Sha profile tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /infra/sha/plugin-status/{node-id}: get: consumes: - application/json description: | Show all the installed system health plugins on given node operationId: ShowPluginStatusOnNode parameters: - description: | The TN node id. in: path name: node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PerNodeShaPluginStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Show the plugins status on given node. tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /infra/sha/pre-defined-plugins: get: consumes: - application/json description: | API will provide list of Sha dynamic plugins. operationId: ListShaPredefinedPlugins parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaPreDefinedPluginListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- API will provide list of Sha pre-defined list. tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /infra/sha/pre-defined-plugins/{plugin-id}: get: consumes: - application/json description: | Read SHA dynamic plugin. operationId: ReadShaPredefinedPlugin parameters: - description: |- Sha pre-defined plugin in: path name: plugin-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ShaPredefinedPlugin' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Sha pre-defined plugin tags: - Policy - Monitoring - System Health Agent - Profile x-vmw-nsx-module: PolicySha /infra/site/offboarding-status: get: consumes: - application/json description: |- Get site offboarding status. operationId: GetSiteOffboardingStatus produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SiteOffBoardingState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get site offboarding status. tags: - Federation - Sites x-vmw-nsx-module: PolicySiteOffboarding /infra/sites: get: consumes: - application/json description: | List Sites under Infra. operationId: ListSites parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SiteListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Sites tags: - Federation - Sites x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/sites/listener_certificate: get: consumes: - application/json description: | Connects to the given IP and port, and, if an SSL listener is present, returns the certificate of the listener. Intent of this API is "Do you trust this certificate?". operationId: GetInfraSiteListenerCertificate parameters: - description: Host name or IP address of TLS listener format: hostname-or-ip in: query name: address required: true type: string - description: TCP port number of the TLS listener format: int32 in: query maximum: 65535 minimum: 0 name: port required: true type: integer produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsListenerCertificate' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns the certificate of the listener tags: - Federation - Sites x-vmw-nsx-module: PolicySiteGM /infra/sites/{site-id}: delete: consumes: - application/json description: | Delete a site under Infra. operationId: DeleteInfraSite parameters: - in: path name: site-id required: true type: string - in: query name: force required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a site tags: - Federation - Sites x-vmw-nsx-module: PolicySiteGM get: consumes: - application/json description: | Read a site under Infra. operationId: ReadSite parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Site' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a site tags: - Federation - Sites x-vmw-nsx-module: PolicyEnforcementPointManagement patch: consumes: - application/json description: | Create or patch Site under Infra. operationId: PatchInfraSite parameters: - in: path name: site-id required: true type: string - in: body name: Site required: true schema: $ref: '#/definitions/Site' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch Site tags: - Federation - Sites x-vmw-nsx-module: PolicySiteGM put: consumes: - application/json description: | Create or fully replace a Site under Infra. Revision is optional for creation and required for update. operationId: CreateOrUpdateInfraSite parameters: - in: path name: site-id required: true type: string - in: body name: Site required: true schema: $ref: '#/definitions/Site' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Site' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace a Site under infra tags: - Federation - Sites x-vmw-nsx-module: PolicySiteGM /infra/sites/{site-id}/enforcement-points: get: consumes: - application/json description: | Paginated list of all enforcementpoints under Site. operationId: ListEnforcementPointForSite parameters: - in: path name: site-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EnforcementPointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List enforcementpoints under Site tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/container-cluster-ncpstatus: get: consumes: - application/json description: |- Get all the container cluster status operationId: GetContainerClusterStatusList parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Container status type enum: - UNKNOWN - HEALTHY - DOWN - DEGRADED in: query name: status type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ContainerClusterStatusList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get all the container cluster status tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap post: consumes: - application/json description: |- Create container cluster status operationId: AddContainerClusterStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - in: body name: ContainerClusterStatus required: true schema: $ref: '#/definitions/ContainerClusterStatus' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ContainerClusterStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create container cluster status tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/container-cluster/{cluster-id}/ncpstatus: delete: consumes: - application/json description: |- Delete container cluster status operationId: DeleteContainerClusterStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of container cluster in: path name: cluster-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete container cluster status tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap get: consumes: - application/json description: |- Get the container cluster status by given id operationId: GetContainerClusterStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of container cluster in: path name: cluster-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ContainerClusterSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the container cluster status by given id tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/edge-bridge-profiles: get: consumes: - application/json description: |- List all L2 bridge profiles operationId: ListL2BridgeProfiles parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2BridgeEndpointProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List L2 Bridge Endpoint Profiles tags: - Policy - Networking - Connectivity - Segments - Edge Bridge Profiles x-vmw-nsx-module: PolicyConnectivity /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/edge-bridge-profiles/{profile-id}: delete: consumes: - application/json description: |- API will delete L2 bridge profile with ID profile-id operationId: DeleteL2BridgeProfile parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- profile ID in: path name: profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L2 Bridge Endpoint Profile tags: - Policy - Networking - Connectivity - Segments - Edge Bridge Profiles x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read L2 bridge profile with ID profile-id operationId: ReadL2BridgeProfile parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- profile ID in: path name: profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2BridgeEndpointProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2 Bridge Endpoint Profile tags: - Policy - Networking - Connectivity - Segments - Edge Bridge Profiles x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | API will create or update L2 bridge profile with ID profile-id. L2 Bridge profile is only allowed under an enforcement-point with path /infra/sites/default/enforcement-points/default. operationId: PatchL2BridgeProfile parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- profile ID in: path name: profile-id required: true type: string - in: body name: L2BridgeEndpointProfile required: true schema: $ref: '#/definitions/L2BridgeEndpointProfile' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update L2 Bridge Endpoint Profile tags: - Policy - Networking - Connectivity - Segments - Edge Bridge Profiles x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | API will create or update L2 bridge profile with ID profile-id. L2 Bridge profile is only allowed under an enforcement-point with path /infra/sites/default/enforcement-points/default. operationId: UpdateL2BridgeProfile parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- profile ID in: path name: profile-id required: true type: string - in: body name: L2BridgeEndpointProfile required: true schema: $ref: '#/definitions/L2BridgeEndpointProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2BridgeEndpointProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update L2 Bridge Endpoint Profile tags: - Policy - Networking - Connectivity - Segments - Edge Bridge Profiles x-vmw-nsx-module: PolicyConnectivity /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/edge-clusters/{edge-cluster-id}/fqdn-analysis-config: delete: consumes: - application/json description: | Delete FqdnAnalysisConfig from the passed edge cluser node. operationId: DeleteFqdnAnalysisConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcement-point-id required: true type: string - in: path name: edge-cluster-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete FqdnAnalysisConfig tags: - Policy - Security - North South Security - Gateway Firewall - Url Categorization x-vmw-nsx-module: PolicyUrlCategorization get: consumes: - application/json description: | Gets a FqdnAnalysisConfig. This returns the details of the config like whether the FQDN Analysis is enabled or disabled for the given edge cluster. operationId: GetFqdnAnalysisConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcement-point-id required: true type: string - in: path name: edge-cluster-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FqdnAnalysisConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get FqdnAnalysisConfig tags: - Policy - Security - North South Security - Gateway Firewall - Url Categorization x-vmw-nsx-module: PolicyUrlCategorization patch: consumes: - application/json description: | Creates/Updates a FqdnAnalysisConfig object. If FqdnAnalysisConfig object does not exists for the passed edge-cluster node, create a new FqdnAnalysisConfig object. If it already exists, patch it. operationId: PatchFqdnAnalysisConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcement-point-id required: true type: string - in: path name: edge-cluster-id required: true type: string - in: body name: FqdnAnalysisConfig required: true schema: $ref: '#/definitions/FqdnAnalysisConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FqdnAnalysisConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update FqdnAnalysisConfig tags: - Policy - Security - North South Security - Gateway Firewall - Url Categorization x-vmw-nsx-module: PolicyUrlCategorization put: consumes: - application/json description: | Creates/Updates FqdnAnalysisConfig Object for the given edge cluster. If FqdnAnalysisConfig object is not already present, creates it. If it already exists, replace with this object. operationId: PutFqdnAnalysisConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcement-point-id required: true type: string - in: path name: edge-cluster-id required: true type: string - in: body name: FqdnAnalysisConfig required: true schema: $ref: '#/definitions/FqdnAnalysisConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FqdnAnalysisConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update FqdnAnalysisConfig tags: - Policy - Security - North South Security - Gateway Firewall - Url Categorization x-vmw-nsx-module: PolicyUrlCategorization ? /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/edge-clusters/{edge-cluster-id}/url-categorization-configs/{url-categorization-config-id} : delete: consumes: - application/json description: | Delete PolicyUrlCategorizationConfig. If deleted, the URL categorization will be disabled for that edge cluster. operationId: DeletePolicyUrlCategorizationConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcement-point-id required: true type: string - in: path name: edge-cluster-id required: true type: string - in: path name: url-categorization-config-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete PolicyUrlCategorizationConfig tags: - Policy - Security - North South Security - Gateway Firewall - Url Categorization x-vmw-nsx-module: PolicyUrlCategorization get: consumes: - application/json description: | Gets a PolicyUrlCategorizationConfig. This returns the details of the config like whether the URL categorization is enabled or disabled, the id of the context profiles which are used to filter the categories, and the update frequency of the data from the cloud. operationId: GetPolicyUrlCategorizationConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcement-point-id required: true type: string - in: path name: edge-cluster-id required: true type: string - in: path name: url-categorization-config-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyUrlCategorizationConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get PolicyUrlCategorizationConfig tags: - Policy - Security - North South Security - Gateway Firewall - Url Categorization x-vmw-nsx-module: PolicyUrlCategorization patch: consumes: - application/json description: | Creates/Updates a PolicyUrlCategorizationConfig. Creating or updating the PolicyUrlCategorizationConfig will enable or disable URL categorization for the given edge cluster. If the context_profiles field is empty, the edge cluster will detect all the categories of URLs. If context_profiles field has any context profiles, the edge cluster will detect only the categories listed within those context profiles. The context profiles should have attribute type URL_CATEGORY. The update_frequency specifies how frequently in minutes, the edge cluster will get updates about the URL data from the URL categorization cloud service. If the update_frequency is not specified, the default update frequency will be 30 min. operationId: PatchPolicyUrlCategorizationConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcement-point-id required: true type: string - in: path name: edge-cluster-id required: true type: string - in: path name: url-categorization-config-id required: true type: string - in: body name: PolicyUrlCategorizationConfig required: true schema: $ref: '#/definitions/PolicyUrlCategorizationConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyUrlCategorizationConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update PolicyUrlCategorizationConfig tags: - Policy - Security - North South Security - Gateway Firewall - Url Categorization x-vmw-nsx-module: PolicyUrlCategorization put: consumes: - application/json description: | Creates/Updates a PolicyUrlCategorizationConfig. Creating or updating the PolicyUrlCategorizationConfig will enable or disable URL categorization for the given edge cluster. If the context_profiles field is empty, the edge cluster will detect all the categories of URLs. If context_profiles field has any context profiles, the edge cluster will detect only the categories listed within those context profiles. The context profiles should have attribute type URL_CATEGORY. The update_frequency specifies how frequently in minutes, the edge cluster will get updates about the URL data from the URL categorization cloud service. If the update_frequency is not specified, the default update frequency will be 30 min. operationId: PutPolicyUrlCategorizationConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcement-point-id required: true type: string - in: path name: edge-cluster-id required: true type: string - in: path name: url-categorization-config-id required: true type: string - in: body name: PolicyUrlCategorizationConfig required: true schema: $ref: '#/definitions/PolicyUrlCategorizationConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyUrlCategorizationConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update PolicyUrlCategorizationConfig tags: - Policy - Security - North South Security - Gateway Firewall - Url Categorization x-vmw-nsx-module: PolicyUrlCategorization /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes-aggstatus: get: consumes: - application/json description: | Get high-level summary of all transport nodes. The service layer does not support source = realtime or cached. operationId: GetAllTNsStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: Transport node type enum: - HOST - EDGE in: query name: node_type type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/HeatMapTransportZoneStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get high-level summary of all transport nodes. The service layer does not support source = realtime or cached. tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes-status: get: consumes: - application/json description: |- Read status of all the transport nodes operationId: ListHostTNStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: Transport node enum: - UP - DOWN - DEGRADED - UNKNOWN in: query name: status type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TransportNodeStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read status of all the transport nodes tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes/{node-id}/hyperbus-status: get: consumes: - application/json description: |- Get the container hyperbus status on given node operationId: GetTnHyperbusStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport node in: path name: node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TnHyperbusStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the container hyperbus status on given node tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes/{node-id}/lldp/interfaces: get: consumes: - application/json description: |- List LLDP Neighbor Properties of given Node operationId: ListAllLldpNeighborInterfaces parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport node in: path name: node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceNeighborPropertyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List LLDP Neighbor Properties of given Node tags: - Policy - Monitoring - LLDP x-vmw-nsx-module: PolicyLldpInterface ? /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes/{node-id}/lldp/interfaces/{interface-name} : get: consumes: - application/json description: | Read LLDP Neighbor Properties of transport node by Interface Name operationId: ShowLldpNeighborInterfaces parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport node in: path name: node-id required: true type: string - description: |- Interface name to read in: path name: interface-name required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceNeighborProperties' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Read LLDP Neighbor Properties of transport node by Interface Name tags: - Policy - Monitoring - LLDP x-vmw-nsx-module: PolicyLldpInterface /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes/{node-id}/node-agent-status: get: consumes: - application/json description: |- Get the container status on given node operationId: GetTnContainerAgentStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport node in: path name: node-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TnNodeAgentStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the container status on given node tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes/{node-id}/pnic-bond-status: get: consumes: - application/json description: |- Get high-level summary of a transport node operationId: GetPnicStatusesForTN parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport node in: path name: node-id required: true type: string - description: pNic/bond status enum: - UNKNOWN - UP - DOWN - DEGRADED in: query name: status type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PnicBondStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get high-level summary of a transport node tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap ? /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes/{node-id}/remote-transport-node-status : get: consumes: - application/json description: | Read status of all transport nodes with tunnel connections to transport node operationId: ListRemoteTNStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport node in: path name: node-id required: true type: string - description: BFD diagnostic code of Tunnel enum: - '0' - NO_DIAGNOSTIC - '1' - CONTROL_DETECTION_TIME_EXPIRED - '2' - ECHO_FUNCTION_FAILED - '3' - NEIGHBOR_SIGNALED_SESSION_DOWN - '4' - FORWARDING_PLANE_RESET - '5' - PATH_DOWN - '6' - CONCATENATED_PATH_DOWN - '7' - ADMINISTRATIVELY_DOWN - '8' - REVERSE_CONCATENATED_PATH_DOWN in: query name: bfd_diagnostic_code type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: Tunnel Status enum: - UP - DOWN in: query name: tunnel_status type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TransportNodeStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Read status of all transport nodes with tunnel connections to transport node tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes/{node-id}/status: get: consumes: - application/json description: |- Read status of a transport node operationId: GetHostTNStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport node in: path name: node-id required: true type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TransportNodeStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read status of a transport node tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes/{node-id}/tunnels: get: consumes: - application/json description: |- List of tunnels operationId: GetTunnels parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport node in: path name: node-id required: true type: string - description: BFD diagnostic code of Tunnel as defined in RFC 5880 enum: - '0' - NO_DIAGNOSTIC - '1' - CONTROL_DETECTION_TIME_EXPIRED - '2' - ECHO_FUNCTION_FAILED - '3' - NEIGHBOR_SIGNALED_SESSION_DOWN - '4' - FORWARDING_PLANE_RESET - '5' - PATH_DOWN - '6' - CONCATENATED_PATH_DOWN - '7' - ADMINISTRATIVELY_DOWN - '8' - REVERSE_CONCATENATED_PATH_DOWN in: query name: bfd_diagnostic_code type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: remote_node_id type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: Tunnel status enum: - UP - DOWN in: query name: status type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TunnelList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List of tunnels tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/host-transport-nodes/{node-id}/tunnels/{tunnel-name}: get: consumes: - application/json description: |- Tunnel properties operationId: GetTunnelByName parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport node in: path name: node-id required: true type: string - description: |- Tunnel name in: path name: tunnel-name required: true type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TunnelProperties' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Tunnel properties tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/transport-node-status-report: get: consumes: - application/json description: |- You must provide the request header "Accept:application/octet-stream" when calling this API. operationId: GetTNReport parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: Transport node enum: - UP - DOWN - DEGRADED in: query name: status type: string produces: - application/octet-stream responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Creates a status report of transport nodes of all the transport zones tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/transport-zones-aggstatus: get: consumes: - application/json description: | Get high-level summary of all transport zone status. The service layer does not support source = realtime or cached. operationId: GetAllTZStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/HeatMapTransportNodesAggregateStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get high-level summary of all transport zone status. The service layer does not support source = realtime or cached. tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/transport-zones/{zone-id}/status: get: consumes: - application/json description: |- Get high-level summary of a transport zone operationId: GetHeatmapTZStatus parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport zone in: path name: zone-id required: true type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/HeatMapTransportZoneStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get high-level summary of a transport zone tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/transport-zones/{zone-id}/transport-node-status: get: consumes: - application/json description: |- Read status of transport nodes in a transport zone operationId: ListTNStatusForTZ parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport zone in: path name: zone-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: Transport node enum: - UP - DOWN - DEGRADED - UNKNOWN in: query name: status type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TransportNodeStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read status of transport nodes in a transport zone tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}/transport-zones/{zone-id}/transport-node-status-report: get: consumes: - application/json description: |- You must provide the request header "Accept:application/octet-stream" when calling this API. operationId: GetTNReportForATZ parameters: - description: |- site ID in: path name: site-id required: true type: string - description: |- enforcement point ID in: path name: enforcement-point-id required: true type: string - description: |- ID of transport zone in: path name: zone-id required: true type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: Transport node enum: - UP - DOWN - DEGRADED in: query name: status type: string produces: - application/octet-stream responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Creates a status report of transport nodes in a transport zone tags: - Policy - Monitoring - Heatmap x-vmw-nsx-module: PolicyHeatmap /infra/sites/{site-id}/enforcement-points/{enforcement-point-id}?action=full-sync: post: consumes: - application/json description: |- Full sync EnforcementPoint from Site operationId: FullSyncEnforcementPointForSite parameters: - in: path name: site-id required: true type: string - in: path name: enforcement-point-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Full sync EnforcementPoint from Site tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}: delete: consumes: - application/json description: |- Delete EnforcementPoint from Site operationId: DeleteEnforcementPointForSite parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete EnforcementPoint from Site tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement get: consumes: - application/json description: | Read an Enforcement Point under Infra/Site operationId: ReadEnforcementPointForSite parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EnforcementPoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read an Enforcement Point under Infra/Site tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement patch: consumes: - application/json description: | If the passed Enforcement Point does not already exist, create a new Enforcement Point. If it already exists, patch it. operationId: PatchEnforcementPointForSite parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: body name: EnforcementPoint required: true schema: $ref: '#/definitions/EnforcementPoint' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a new Enforcement Point under Site tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement put: consumes: - application/json description: | If the passed Enforcement Point does not already exist, create a new Enforcement Point. If it already exists, replace it. operationId: CreateOrUpdateEnforcementPointForSite parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: body name: EnforcementPoint required: true schema: $ref: '#/definitions/EnforcementPoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EnforcementPoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create/update a new Enforcement Point under Site tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/cluster-control-planes: get: consumes: - application/json description: | list all Cluster Control Planes operationId: ListClusterControlPlane parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ClusterControlPlaneListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Cluster Control Plane tags: - System Administration - Configuration - Fabric - Nodes - Cluster Control Planes x-vmw-nsx-module: ClusterControlPlane /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/cluster-control-planes-heartbeat-config: get: consumes: - application/json description: |- Paginated list of all Antrea cluster heartbeat config operationId: ListAntreaHeartbeatConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaHeartbeatConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Antrea cluster heartbeat config list tags: - System Administration - Monitoring - System Health - Container - Antrea x-vmw-nsx-module: PolicyAntreaMonitoring /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/cluster-control-planes-status: get: consumes: - application/json description: |- Paginated list of all Antrea cluster status operationId: ListAntreaStatus parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaClusterListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Antrea cluster status list tags: - System Administration - Monitoring - System Health - Container - Antrea x-vmw-nsx-module: PolicyAntreaMonitoring /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/cluster-control-planes/{cluster-control-plane-id}: delete: consumes: - application/json description: |- Delete a Cluster Control Plane Node operationId: DeleteClusterControlPlane parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: cluster-control-plane-id required: true type: string - default: false description: Flag to indicate if force delete cluster references from the firewall security policies. in: query name: cascade required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a Cluster Control Plane Node tags: - System Administration - Configuration - Fabric - Nodes - Cluster Control Planes x-vmw-nsx-module: ClusterControlPlane get: consumes: - application/json description: |- Returns information about a specified Cluster Control Plane . operationId: GetClusterControlPlane parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: cluster-control-plane-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ClusterControlPlane' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get a Cluster Control Plane tags: - System Administration - Configuration - Fabric - Nodes - Cluster Control Planes x-vmw-nsx-module: ClusterControlPlane put: consumes: - application/json description: | Joins a Cluster Control Plane to NSX-T operationId: CreateOrUpdateClusterControlPlane parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: cluster-control-plane-id required: true type: string - in: body name: ClusterControlPlane required: true schema: $ref: '#/definitions/ClusterControlPlane' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/ClusterControlPlane' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update Cluster Control Plane to NSX-T tags: - System Administration - Configuration - Fabric - Nodes - Cluster Control Planes x-vmw-nsx-module: ClusterControlPlane ? /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/cluster-control-planes/{cluster-control-plane-id}/heartbeat-config : get: consumes: - application/json description: |- Read Antrea heartbeat configuration operationId: ReadAntreaHeartbeatConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: cluster-control-plane-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaHeartbeatConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Antrea heartbeat configuration tags: - System Administration - Monitoring - System Health - Container - Antrea x-vmw-nsx-module: PolicyAntreaMonitoring patch: consumes: - application/json description: |- Patch the Antrea heartbeat configuration operationId: PatchAntreaHeartbeatConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: cluster-control-plane-id required: true type: string - in: body name: AntreaHeartbeatConfig required: true schema: $ref: '#/definitions/AntreaHeartbeatConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch the Antrea heartbeat configuration tags: - System Administration - Monitoring - System Health - Container - Antrea x-vmw-nsx-module: PolicyAntreaMonitoring put: consumes: - application/json description: |- Update the Antrea heartbeat configuration operationId: UpdateAntreaHeartbeatConfig parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: cluster-control-plane-id required: true type: string - in: body name: AntreaHeartbeatConfig required: true schema: $ref: '#/definitions/AntreaHeartbeatConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaHeartbeatConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the Antrea heartbeat configuration tags: - System Administration - Monitoring - System Health - Container - Antrea x-vmw-nsx-module: PolicyAntreaMonitoring /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/cluster-control-planes/{cluster-control-plane-id}/status: get: consumes: - application/json description: |- Read Antrea cluster status for a given Antrea cluster identifier. operationId: ReadAntreaStatus parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: cluster-control-plane-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AntreaClusterInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Antrea cluster status tags: - System Administration - Monitoring - System Health - Container - Antrea x-vmw-nsx-module: PolicyAntreaMonitoring /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters: get: consumes: - application/json description: | Paginated list of all Edge Clusters under an Enforcement Point operationId: ListEdgeClustersForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyEdgeClusterListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Edge Clusters under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}: get: consumes: - application/json description: | Read a Edge Cluster under an Enforcement Point operationId: ReadEdgeClusterForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: edge-cluster-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyEdgeCluster' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a Edge Cluster under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}/edge-nodes: get: consumes: - application/json description: | Paginated list of all Edge Nodes under an Enforcement Point, Edge Cluster operationId: ListEdgeNodesUnderEdgeClusterForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: edge-cluster-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyEdgeNodeListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Edge Nodes under an Enforcement Point, Edge Cluster tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/edge-clusters/{edge-cluster-id}/edge-nodes/{edge-node-id}: get: consumes: - application/json description: | Read a Edge Node under an Enforcement Point, Edge Cluster operationId: ReadEdgeNodeUnderEdgeClusterForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: edge-cluster-id required: true type: string - in: path name: edge-node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyEdgeNode' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a Edge Node under an Enforcement Point, Edge Cluster tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/host-transport-nodes: get: consumes: - application/json description: | Returns information about all host transport nodes along with underlying host details. A transport node is a host that contains hostswitches. A hostswitch can have virtual machines connected to them. Because each transport node has hostswitches, transport nodes can also have virtual tunnel endpoints, which means that they can be part of the overlay. operationId: ListHostTransportNodes parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: discovered node id in: query name: discovered_node_id required: false type: string - description: maintenance mode flag in: query name: in_maintenance_mode required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Transport node IP address in: query name: node_ip required: false type: string - description: a list of node types separated by comma or a single type in: query name: node_types required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Transport zone path in: query name: transport_zone_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/HostTransportNodeListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Host Transport Nodes tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/host-transport-nodes/state: get: consumes: - application/json description: | Returns a list of transport node states that have realized state as provided as query parameter operationId: ListHostTransportNodesByState parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - description: maintenance mode state enum: - ENTERING - ENABLED - EXITING - DISABLED in: query name: mm_state required: false type: string - description: Realized state of transport nodes enum: - PENDING - IN_PROGRESS - SUCCESS - PARTIAL_SUCCESS - FAILED - ORPHANED in: query name: status required: false type: string - description: Virtual tunnel endpoint ip address of transport node in: query name: vtep_ip required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TransportNodeStateListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List transport nodes by realized state tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/host-transport-nodes/{host-transport-node-id}: delete: consumes: - application/json description: | Deletes the specified transport node. Query param force can be used to force delete the host nodes. It also removes the specified host node from system. If unprepare_host option is set to false, then host will be deleted without uninstalling the NSX components from the host. operationId: DeleteHostTransportNode parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: host-transport-node-id required: true type: string - default: false description: 'Force delete the resource even if it is being used somewhere ' in: query name: force type: boolean - default: true description: Uninstall NSX components from host while deleting in: query name: unprepare_host required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a Transport Node tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode get: consumes: - application/json description: |- Returns information about a specified transport node. operationId: GetHostTransportNode parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: host-transport-node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/HostTransportNode' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get a Host Transport Node tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode patch: consumes: - application/json description: | Transport nodes are hypervisor hosts that will participate in an NSX-T overlay. For a hypervisor host, this means that it hosts VMs that will communicate over NSX-T logical switches. This API creates transport node for a host node (hypervisor) in the transport network. When you run this command for a host, NSX Manager attempts to install the NSX kernel modules, which are packaged as VIB, RPM, or DEB files. For the installation to succeed, you must provide the host login credentials and the host thumbprint. To get the ESXi host thumbprint, SSH to the host and run the openssl x509 -in /etc/vmware/ssl/rui.crt -fingerprint -sha256 -noout command. To generate host key thumbprint using SHA-256 algorithm please follow the steps below. Log into the host, making sure that the connection is not vulnerable to a man in the middle attack. Check whether a public key already exists. Host public key is generally located at '/etc/ssh/ssh_host_rsa_key.pub'. If the key is not present then generate a new key by running the following command and follow the instructions. ssh-keygen -t rsa Now generate a SHA256 hash of the key using the following command. Please make sure to pass the appropriate file name if the public key is stored with a different file name other than the default 'id_rsa.pub'. awk '{print $2}' id_rsa.pub | base64 -d | sha256sum -b | sed 's/ .*$//' | xxd -r -p | base64 Additional documentation on creating a transport node can be found in the NSX-T Installation Guide. In order for the transport node to forward packets, the host_switch_spec property must be specified. Host switches (called bridges in OVS on KVM hypervisors) are the individual switches within the host virtual switch. Virtual machines are connected to the host switches. When creating a transport node, you need to specify if the host switches are already manually preconfigured on the node, or if NSX should create and manage the host switches. You specify this choice by the type of host switches you pass in the host_switch_spec property of the TransportNode request payload. For a KVM host, you can preconfigure the host switch, or you can have NSX Manager perform the configuration. For an ESXi host NSX Manager always configures the host switch. To preconfigure the host switches on a KVM host, pass an array of PreconfiguredHostSwitchSpec objects that describes those host switches. In the current NSX-T release, only one prefonfigured host switch can be specified. See the PreconfiguredHostSwitchSpec schema definition for documentation on the properties that must be provided. Preconfigured host switches are only supported on KVM hosts, not on ESXi hosts. To allow NSX to manage the host switch configuration on KVM hosts, ESXi hosts, pass an array of StandardHostSwitchSpec objects in the host_switch_spec property, and NSX will automatically create host switches with the properties you provide. In the current NSX-T release, up to 16 host switches can be automatically managed. See the StandardHostSwitchSpec schema definition for documentation on the properties that must be provided. The request should provide node_deployement_info. operationId: PatchHostTransportNode parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: host-transport-node-id required: true type: string - in: body name: HostTransportNode required: true schema: $ref: '#/definitions/HostTransportNode' - description: The network ids to which the ESX vmk interfaces will be migrated in: query name: esx_mgmt_if_migration_dest required: false type: string - description: The ESX vmk interfaces to migrate in: query name: if_id required: false type: string - description: IP Addresses to ping right after ESX vmk interfaces were migrated. in: query name: ping_ip required: false type: string - default: false description: Whether to skip front-end validation for vmk/vnic/pnic migration in: query name: skip_validation required: false type: boolean - description: The ESX vmk interfaces and/or VM NIC to migrate in: query name: vnic required: false type: string - description: The migration destinations of ESX vmk interfaces and/or VM NIC in: query name: vnic_migration_dest required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a Host Transport Node tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode put: consumes: - application/json description: | Transport nodes are hypervisor hosts that will participate in an NSX-T overlay. For a hypervisor host, this means that it hosts VMs that will communicate over NSX-T logical switches. This API creates transport node for a host node (hypervisor) in the transport network. When you run this command for a host, NSX Manager attempts to install the NSX kernel modules, which are packaged as VIB, RPM, or DEB files. For the installation to succeed, you must provide the host login credentials and the host thumbprint. To get the ESXi host thumbprint, SSH to the host and run the openssl x509 -in /etc/vmware/ssl/rui.crt -fingerprint -sha256 -noout command. To generate host key thumbprint using SHA-256 algorithm please follow the steps below. Log into the host, making sure that the connection is not vulnerable to a man in the middle attack. Check whether a public key already exists. Host public key is generally located at '/etc/ssh/ssh_host_rsa_key.pub'. If the key is not present then generate a new key by running the following command and follow the instructions. ssh-keygen -t rsa Now generate a SHA256 hash of the key using the following command. Please make sure to pass the appropriate file name if the public key is stored with a different file name other than the default 'id_rsa.pub'. awk '{print $2}' id_rsa.pub | base64 -d | sha256sum -b | sed 's/ .*$//' | xxd -r -p | base64 Additional documentation on creating a transport node can be found in the NSX-T Installation Guide. In order for the transport node to forward packets, the host_switch_spec property must be specified. Host switches (called bridges in OVS on KVM hypervisors) are the individual switches within the host virtual switch. Virtual machines are connected to the host switches. When creating a transport node, you need to specify if the host switches are already manually preconfigured on the node, or if NSX should create and manage the host switches. You specify this choice by the type of host switches you pass in the host_switch_spec property of the TransportNode request payload. For a KVM host, you can preconfigure the host switch, or you can have NSX Manager perform the configuration. For an ESXi host NSX Manager always configures the host switch. To preconfigure the host switches on a KVM host, pass an array of PreconfiguredHostSwitchSpec objects that describes those host switches. In the current NSX-T release, only one prefonfigured host switch can be specified. See the PreconfiguredHostSwitchSpec schema definition for documentation on the properties that must be provided. Preconfigured host switches are only supported on KVM hosts, not on ESXi hosts. To allow NSX to manage the host switch configuration on KVM hosts, ESXi hosts, pass an array of StandardHostSwitchSpec objects in the host_switch_spec property, and NSX will automatically create host switches with the properties you provide. In the current NSX-T release, up to 16 host switches can be automatically managed. See the StandardHostSwitchSpec schema definition for documentation on the properties that must be provided. The request should provide node_deployement_info. operationId: CreateOrUpdateHostTransportNode parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: host-transport-node-id required: true type: string - in: body name: HostTransportNode required: true schema: $ref: '#/definitions/HostTransportNode' - description: The network ids to which the ESX vmk interfaces will be migrated in: query name: esx_mgmt_if_migration_dest required: false type: string - description: The ESX vmk interfaces to migrate in: query name: if_id required: false type: string - description: IP Addresses to ping right after ESX vmk interfaces were migrated. in: query name: ping_ip required: false type: string - default: false description: Whether to skip front-end validation for vmk/vnic/pnic migration in: query name: skip_validation required: false type: boolean - description: The ESX vmk interfaces and/or VM NIC to migrate in: query name: vnic required: false type: string - description: The migration destinations of ESX vmk interfaces and/or VM NIC in: query name: vnic_migration_dest required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/HostTransportNode' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Host Transport Node tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode ? /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/host-transport-nodes/{host-transport-node-id}/discovered-vifs : get: consumes: - application/json description: | For the given TransportNode, fetch all the VIF info from VC and return the corresponding state. Only host switch configured for security will be considered. operationId: ListVdsVifsOnTransportNode parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: host-transport-node-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: VDS identifier in: query name: host_switch_id required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Segment identifier in: query name: segment_id required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DiscoveredVifStateListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Fetch Discovered VIF State on given TransportNode tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/host-transport-nodes/{host-transport-node-id}/modules: get: consumes: - application/json description: | Get the module details of a host transport node operationId: GetFabricNodeModulesOfHostTransportNode parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: host-transport-node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SoftwareModuleResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get the module details of a host transport node tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/host-transport-nodes/{host-transport-node-id}/state: get: consumes: - application/json description: | Returns information about the current state of the transport node configuration and information about the associated hostswitch. operationId: GetHostTransportNodeState parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: host-transport-node-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TransportNodeState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get a Host Transport Node's State tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode ? /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/host-transport-nodes/{host-transport-node-id}?action=restore_cluster_config : put: consumes: - application/json description: | A host can be overridden to have different configuration than Transport Node Profile(TNP) on cluster. This action will restore such overridden host back to cluster level TNP. This API can be used in other case. When TNP is applied to a cluster, if any validation fails (e.g. VMs running on host) then existing transport node (TN) is not updated. In that case after the issue is resolved manually (e.g. VMs powered off), you can call this API to update TN as per cluster level TNP. operationId: RestoreParentClusterConfigurationOnHostTransportNode parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: host-transport-node-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Apply cluster level Transport Node Profile on overridden host tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode ? /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/host-transport-nodes/{host-transport-node-id}?action=resync_host_config : post: consumes: - application/json description: | Resync the TransportNode configuration on a host. It is similar to updating the TransportNode with existing configuration, but force synce these configurations to the host (no backend optimizations). operationId: ResyncHostTransportNode parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: host-transport-node-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Resync a Host Transport Node tags: - System Administration - Configuration - Fabric - Nodes - Transport Nodes x-vmw-nsx-module: PolicyHostTransportNode /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-node-collections: get: consumes: - application/json description: |- Returns all Transport Node collections operationId: ListHostTransportNodeCollections parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - description: Managed object ID of cluster in VC in: query name: cluster_moid required: false type: string - description: Compute collection id in: query name: compute_collection_id required: false type: string - description: UUID for VC deployment in: query name: vc_instance_uuid required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/HostTransportNodeCollectionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Transport Node collections tags: - System Administration - Configuration - Fabric - Nodes - Transport Node Collections x-vmw-nsx-module: HostTransportNodeCollection /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-node-collections/{transport-node-collection-id}: delete: consumes: - application/json description: | By deleting transport node collection, we are detaching the transport node profile(TNP) from the compute collection. It has no effect on existing transport nodes. However, new hosts added to the compute collection will no longer be automatically converted to NSX transport node. Detaching TNP from compute collection does not delete TNP. operationId: DeleteHostTransportNodeCollection parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-node-collection-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Detach transport node profile from compute collection. tags: - System Administration - Configuration - Fabric - Nodes - Transport Node Collections x-vmw-nsx-module: HostTransportNodeCollection get: consumes: - application/json description: |- Returns transport node collection by id operationId: GetHostTransportNodeCollection parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-node-collection-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/HostTransportNodeCollection' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Transport Node collection by id tags: - System Administration - Configuration - Fabric - Nodes - Transport Node Collections x-vmw-nsx-module: HostTransportNodeCollection patch: consumes: - application/json description: | Attach different transport node profile to compute collection by updating transport node collection. operationId: PatchHostTransportNodeCollection parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-node-collection-id required: true type: string - in: body name: HostTransportNodeCollection required: true schema: $ref: '#/definitions/HostTransportNodeCollection' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch Transport Node collection tags: - System Administration - Configuration - Fabric - Nodes - Transport Node Collections x-vmw-nsx-module: HostTransportNodeCollection ? /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-node-collections/{transport-node-collection-id}/state : get: consumes: - application/json description: | Returns the state of transport node collection based on the states of transport nodes of the hosts which are part of compute collection. operationId: GetHostTransportNodeCollectionState parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-node-collection-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TransportNodeCollectionState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Transport Node collection application state tags: - System Administration - Configuration - Fabric - Nodes - Transport Node Collections x-vmw-nsx-module: HostTransportNodeCollection ? /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-node-collections/{transport-node-collection-id}?action=install_for_microseg : post: consumes: - application/json description: |- This API configures a compute collection for security. In the request body, specify a Transport Node Collection with only the ID of the target compute collection meant for security. Specifically, a Transport Node Profile ID should not be specified. This API will define a system-generated security Transport Node Profile and apply it on the compute collection to create the Transport Node Collection. operationId: ConfigureTransportNodeCollectionForSecurity parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-node-collection-id required: true type: string - in: body name: HostTransportNodeCollection required: true schema: $ref: '#/definitions/HostTransportNodeCollection' responses: '201': description: Created '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Configure the cluster for security tags: - System Administration - Configuration - Fabric - Nodes - Transport Node Collections x-vmw-nsx-module: HostTransportNodeCollection ? /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-node-collections/{transport-node-collection-id}?action=remove_nsx : post: consumes: - application/json description: |- This API uninstalls NSX applied to the Transport Node Collection with the ID corresponding to the one specified in the request. operationId: RemoveNSXOnTransportNodeCollection parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-node-collection-id required: true type: string responses: '201': description: Created '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Uninstall NSX from the specified Transport Node Collection tags: - System Administration - Configuration - Fabric - Nodes - Transport Node Collections x-vmw-nsx-module: HostTransportNodeCollection ? /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-node-collections/{transport-node-collection-id}?action=retry_profile_realization : post: consumes: - application/json description: |- This API is relevant for compute collection on which vLCM is enabled. This API should be invoked to retry the realization of transport node profile on the compute collection. This is useful when profile realization had failed because of error in vLCM. This API has no effect if vLCM is not enabled on the computer collection. operationId: RetryHostTransportNodeCollectionRealization parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-node-collection-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Retry the process on applying transport node profile tags: - System Administration - Configuration - Fabric - Nodes - Transport Node Collections x-vmw-nsx-module: HostTransportNodeCollection /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-node-collections/{transport-node-collections-id}: put: consumes: - application/json description: | When transport node collection is created the hosts which are part of compute collection will be prepared automatically i.e. NSX Manager attempts to install the NSX components on hosts. Transport nodes for these hosts are created using the configuration specified in transport node profile. Pass apply_profile to false, if you do not want to apply transport node profile on the existing transport node with overridden host flag set and ignore overridden hosts flag is set to true on the transport node profile. operationId: CreateOrUpdateHostTransportNodeCollection parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-node-collections-id required: true type: string - in: body name: HostTransportNodeCollection required: true schema: $ref: '#/definitions/HostTransportNodeCollection' - default: true description: Indicates if the Transport Node Profile (TNP) configuration should be applied during creation in: query name: apply_profile required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/HostTransportNodeCollection' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create transport node collection by attaching Transport Node Profile to cluster. tags: - System Administration - Configuration - Fabric - Nodes - Transport Node Collections x-vmw-nsx-module: HostTransportNodeCollection /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-zones: get: consumes: - application/json description: | Paginated list of all Transport Zones under an Enforcement Point operationId: ListTransportZonesForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZoneListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Transport Zones under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyTransportZone /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}/transport-zones/{transport-zone-id}: delete: consumes: - application/json description: |- Delete a Transport Zone under an Enforcement Point. operationId: DeleteTransportZoneForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-zone-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a Transport Zone under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyTransportZone get: consumes: - application/json description: | Read a Transport Zone under an Enforcement Point operationId: ReadTransportZoneForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-zone-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZone' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a Transport Zone under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyTransportZone patch: consumes: - application/json description: | Patch a Transport Zone under an Enforcement Point operationId: PatchTransportZoneForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-zone-id required: true type: string - in: body name: PolicyTransportZone required: true schema: $ref: '#/definitions/PolicyTransportZone' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZone' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a Transport Zone under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyTransportZone put: consumes: - application/json description: | PUT a Transport Zone under an Enforcement Point operationId: CreateOrUpdateTransportZoneForEnforcementPoint parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string - in: path name: transport-zone-id required: true type: string - in: body name: PolicyTransportZone required: true schema: $ref: '#/definitions/PolicyTransportZone' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZone' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- PUT a Transport Zone under an Enforcement Point tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyTransportZone /infra/sites/{site-id}/enforcement-points/{enforcementpoint-id}?action=reload: post: consumes: - application/json description: | Reload an Enforcement Point under Site. This will read and update fabric configs from enforcement point. operationId: ReloadEnforcementPointForSite parameters: - in: path name: site-id required: true type: string - in: path name: enforcementpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EnforcementPoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reload an Enforcement Point under Site tags: - Policy - Infra - Enforcement Points x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/sites/{site-id}/napp/deployment/kubeconfig: get: consumes: - application/json description: | To get more information about kubeconfig file like user, cluster, context, namespace etc. operationId: GetKubeconfigInfo parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/KubeconfigInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get information about kubeconfig file tags: - NSX Application Platform - Kubeconfig x-vmw-nsx-module: PolicyCloudNative post: consumes: - multipart/form-data description: | Synchronous call to upload kubeconfig file on orchestrator node. This will be used to connect with Kubernetes cluster. operationId: UploadKubeconfig parameters: - in: path name: site-id required: true type: string - description: File to upload in: formData name: file required: true type: file produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/UploadBundleId' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': description: Internal Server Error '503': $ref: '#/responses/ServiceUnavailable' summary: |- Upload kubeconfig file tags: - NSX Application Platform - Kubeconfig x-vmw-nsx-module: PolicyCloudNative /infra/sites/{site-id}/napp/deployment/kubernetes-tools: get: consumes: - application/json description: | To show information about Kubernetes tools version. It will list kubectl client version, kube-apiserver version. Also show, whether kubectl client version is compatible with kube-apiserver version.kubectl is supported within one minor version (older or newer) of kube-apiserver. operationId: GetKubernetesToolsInfo parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/KubernetesToolsInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get information about Kubernetes tools tags: - NSX Application Platform - Kubernetes - Tools x-vmw-nsx-module: PolicyCloudNative /infra/sites/{site-id}/napp/deployment/platform: get: consumes: - application/json description: |- Get input parameters required to deploy NSX Application Platform. operationId: GetPlatformDeploymentConfig parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PlatformDeploymentConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NSX Application Platform deployment configuration tags: - NSX Application Platform - Deployment - Platform - Config x-vmw-nsx-module: PolicyCloudNativePlatform patch: consumes: - application/json description: | Update input parameters required to deploy platform related pods. The UI has option to deploy kubernetes tools. You need to get this file from VMware website. File contains kubectl binary, helm binary and signature to verify them. operationId: UpdatePlatformDeploymentConfig parameters: - in: path name: site-id required: true type: string - in: body name: PlatformDeploymentConfig required: true schema: $ref: '#/definitions/PlatformDeploymentConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PlatformDeploymentConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update platform configuration tags: - NSX Application Platform - Deployment - Platform - Config x-vmw-nsx-module: PolicyCloudNativePlatform /infra/sites/{site-id}/napp/deployment/platform/checks: put: consumes: - application/json description: | Run pre/post checks for NSX Application Platform operationId: RunDeploymentChecks parameters: - in: path name: site-id required: true type: string - in: body name: PlatformDeploymentChecksAction required: true schema: $ref: '#/definitions/PlatformDeploymentChecksAction' produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Run pre/post checks for NSX Application Platform tags: - NSX Application Platform - Deployment - Platform - Status x-vmw-nsx-module: PolicyCloudNativePlatform /infra/sites/{site-id}/napp/deployment/platform/checks/status: get: consumes: - application/json description: |- Get NSX Application Platform pre/post checks progress status. operationId: GetPlatformDeploymentChecksStatus parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentChecksStatusResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NSX Application Platform pre/post checks progress status tags: - NSX Application Platform - Deployment - Platform - Status x-vmw-nsx-module: PolicyCloudNativePlatform /infra/sites/{site-id}/napp/deployment/platform/form-factors: get: consumes: - application/json description: |- Get available deployment form factors for NSX Application Platform. operationId: GetAvailableFormFactors parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PlatformFormFactors' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get available deployment form factors for NSX Application Platform tags: - NSX Application Platform - Deployment - Platform - Form Factors x-vmw-nsx-module: PolicyCloudNativePlatform /infra/sites/{site-id}/napp/deployment/platform/status: get: consumes: - application/json description: |- Get platform deployment or undeployment progress status. operationId: PlatformDeploymentProgress parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentProgressStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get platform deployment or undeployment progress status tags: - NSX Application Platform - Deployment - Platform - Status x-vmw-nsx-module: PolicyCloudNativePlatform /infra/sites/{site-id}/napp/deployment/platform/versions: get: consumes: - application/json description: |- Get NSX Application Platform versions. operationId: GetAvailableVersions parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentVersions' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NSX Application Platform versions tags: - NSX Application Platform - Deployment - Platform - Versions x-vmw-nsx-module: PolicyCloudNativePlatform /infra/sites/{site-id}/napp/deployment/registry: get: consumes: - application/json description: |- Get helm repo and docker registry url for chart deployment. operationId: GetDeploymentRegistry parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentRegistry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get helm repo and docker registry url tags: - NSX Application Platform - Deployment - Registry x-vmw-nsx-module: PolicyCloudNative put: consumes: - application/json description: | In case of helm chart present in private repository and containers are hosted in private hub. You can change docker and helm url to use these private URL instead of default public one. operationId: UpdateDeploymentRegistry parameters: - in: path name: site-id required: true type: string - in: body name: DeploymentRegistry required: true schema: $ref: '#/definitions/DeploymentRegistry' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentRegistry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Docker registry and helm repository url. tags: - NSX Application Platform - Deployment - Registry x-vmw-nsx-module: PolicyCloudNative /infra/sites/{site-id}/napp/deployment/registry/reset: put: consumes: - application/json description: |- Reset helm and docker url to default one operationId: ResetDeploymentRegistry parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentRegistry' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset helm and docker url to default one tags: - NSX Application Platform - Deployment - Registry x-vmw-nsx-module: PolicyCloudNative /infra/sites/{site-id}/napp/deployment/storage-classes: get: consumes: - application/json description: | Get the list of Kubernetes storage classes. operationId: GetStorageClasses parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StorageClasses' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get list of Kubernetes storage classes tags: - NSX Application Platform - Deployment - Platform - Storageclass x-vmw-nsx-module: PolicyCloudNative /infra/sites/{site-id}/napp/deployment/tools/upload: post: consumes: - multipart/form-data description: | Synchronous call to upload the Kubernetes tools on NSX Manager via File. You need to get this file from VMware website. File will contains kubectl binary, helm binary and signature to verify them. operationId: UploadContainerTools parameters: - in: path name: site-id required: true type: string - description: File to upload in: formData name: file required: true type: file produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/UploadBundleId' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Upload the Kubernetes tools on NSX Manager via File tags: - NSX Application Platform - Platform - Tools - Bundle - Upload x-vmw-nsx-module: PolicyCloudNative /infra/sites/{site-id}/napp/deployment/tools/upload/status/{bundle-id}: get: consumes: - application/json description: | Get the progress of uploading kubernetes tools bundle from the remote location. This API will also verify the kubernetes tools bundle, before marking upload as a success. operationId: GetUploadBundleStatus parameters: - in: path name: site-id required: true type: string - in: path name: bundle-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/UploadBundleStatus' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get progress status of kubernetes tools bundle upload tags: - NSX Application Platform - Deployment - Bundle - Status x-vmw-nsx-module: PolicyCloudNative /infra/sites/{site-id}/napp/deployment/tools/upload_from_remote_server: post: consumes: - application/json description: | Upload the Kubernetes tools on NSX Manager via remote url. You need to get this file from VMware website. File contains kubectl binary, helm binary and signature to verify them. operationId: UploadContainerToolsFromRemoteServer parameters: - in: path name: site-id required: true type: string - in: body name: UploadBundleRemoteServer required: true schema: $ref: '#/definitions/UploadBundleRemoteServer' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/UploadBundleId' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Upload the Kubernetes tools on NSX Manager via remote URL tags: - NSX Application Platform - Deployment - Tools - Bundle - Upload x-vmw-nsx-module: PolicyCloudNative /infra/sites/{site-id}/napp/deployment/upgrade-coordinator: get: consumes: - application/json description: |- Get input parameters required to deploy upgrade-coordinator. operationId: GetUpgradeCoordinatorDeploymentConfig parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/UpgradeCoordinatorDeploymentConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get upgrade coordinator deployment configuration tags: - NSX Application Platform - Upgrade - Coordinator - Config x-vmw-nsx-module: PolicyCloudNativeUpgradeCoordinator patch: consumes: - application/json description: | Update input parameter require to deploy upgrade-coordinator related pods. Advance configuraion option on UI has option to deploy kubernetes tools. You need to get this file from VMware website. File contains kubectl binary, helm binary and signature to verify them. operationId: UpdateUpgradeCoordinatorDeploymentConfig parameters: - in: path name: site-id required: true type: string - in: body name: UpgradeCoordinatorDeploymentConfig required: true schema: $ref: '#/definitions/UpgradeCoordinatorDeploymentConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/UpgradeCoordinatorDeploymentConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update upgrade-coordinator configuration tags: - NSX Application Platform - Upgrade - Coordinator - Config x-vmw-nsx-module: PolicyCloudNativeUpgradeCoordinator /infra/sites/{site-id}/napp/deployment/upgrade-coordinator/checks: put: consumes: - application/json description: | Run pre/post checks for NSX Application Platform upgrade-coordinator. operationId: RunUCDeploymentChecks parameters: - in: path name: site-id required: true type: string - in: body name: DeploymentChecksAction required: true schema: $ref: '#/definitions/DeploymentChecksAction' produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Run pre/post checks for NSX Application Platform upgrade-coordinator tags: - NSX Application Platform - Deployment - Upgrade - Coordinator - Check x-vmw-nsx-module: PolicyCloudNativeUpgradeCoordinator /infra/sites/{site-id}/napp/deployment/upgrade-coordinator/checks/status: get: consumes: - application/json description: |- Get NSX Application Platform upgrade-coordinator pre/post checks progress status. operationId: GetUCDeploymentChecksStatus parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentChecksStatusResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NSX Application Platform upgrade-coordinator pre/post checks progress status. tags: - NSX Application Platform - Deployment - Upgrade - Coordinator - Check - Status x-vmw-nsx-module: PolicyCloudNativeUpgradeCoordinator /infra/sites/{site-id}/napp/deployment/upgrade-coordinator/status: get: consumes: - application/json description: |- Get deployment or undeployment progress status. operationId: GetUpgradeCoordinatorDeploymentProgressStatus parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentProgressStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get deployment or undeployment progress status tags: - NSX Application Platform - Upgrade - Coordinator - Status x-vmw-nsx-module: PolicyCloudNativeUpgradeCoordinator /infra/sites/{site-id}/napp/deployment/upgrade-coordinator/versions: get: consumes: - application/json description: |- Get NSX Application Platform upgrade-coordinator versions. operationId: GetAvailableUCVersions parameters: - in: path name: site-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DeploymentVersions' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NSX Application Platform upgrade-coordinator versions tags: - NSX Application Platform - Deployment - Upgrade - Coordinator - Versions x-vmw-nsx-module: PolicyCloudNativeUpgradeCoordinator /infra/span: get: consumes: - application/json description: |- Get span for an entity with specified path. operationId: GetSpan parameters: - description: String Path of the intent object in: query name: intent_path required: true type: string - description: Policy Path of the site in: query name: site_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Span' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get span for an entity with specified path tags: - Federation - Sites x-vmw-nsx-module: PolicySitesSpan /infra/spoofguard-profiles: get: consumes: - application/json description: | API will list all SpoofGuard profiles. operationId: ListSpoofGuardProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SpoofGuardProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List SpoofGuard profiles tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Spoofguard Profiles x-vmw-nsx-module: PolicySpoofGuard /infra/spoofguard-profiles/{spoofguard-profile-id}: delete: consumes: - application/json description: | API will delete SpoofGuard profile with the given id. operationId: DeleteSpoofGuardProfile parameters: - description: |- SpoofGuard profile id in: path name: spoofguard-profile-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete SpoofGuard profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Spoofguard Profiles x-vmw-nsx-module: PolicySpoofGuard get: consumes: - application/json description: | API will return details of the SpoofGuard profile with given id. If the profile does not exist, it will return 404. operationId: GetSpoofGuardProfile parameters: - description: |- SpoofGuard profile id in: path name: spoofguard-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SpoofGuardProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get SpoofGuard profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Spoofguard Profiles x-vmw-nsx-module: PolicySpoofGuard patch: consumes: - application/json description: | Create a new SpoofGuard profile if the SpoofGuard profile with the given id does not exist. Otherwise, patch with the existing SpoofGuard profile. operationId: PatchSpoofGuardProfile parameters: - description: |- SpoofGuard profile id in: path name: spoofguard-profile-id required: true type: string - in: body name: SpoofGuardProfile required: true schema: $ref: '#/definitions/SpoofGuardProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch SpoofGuard profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Spoofguard Profiles x-vmw-nsx-module: PolicySpoofGuard put: consumes: - application/json description: | API will create or replace SpoofGuard profile. operationId: CreateOrUpdateSpoofGuardProfile parameters: - description: |- SpoofGuard profile id in: path name: spoofguard-profile-id required: true type: string - in: body name: SpoofGuardProfile required: true schema: $ref: '#/definitions/SpoofGuardProfile' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SpoofGuardProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace SpoofGuard profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Spoofguard Profiles x-vmw-nsx-module: PolicySpoofGuard /infra/static-mime-contents: get: consumes: - application/json description: |- API will list all static mime contents operationId: ListPolicyStaticMimeContents parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticMimeContentListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List static mime contents tags: - Policy - Inventory - Profiles - L7 Access Profiles - Static MIME Content x-vmw-nsx-module: PolicyStaticMimeContent /infra/static-mime-contents/{static-mime-content-id}: delete: consumes: - application/json description: |- API will delete static mime content operationId: DeletePolicyStaticMimeContent parameters: - description: |- Static mime content id in: path name: static-mime-content-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete static Mime content tags: - Policy - Inventory - Profiles - L7 Access Profiles - Static MIME Content x-vmw-nsx-module: PolicyStaticMimeContent get: consumes: - application/json description: |- API will get static mime content operationId: GetPolicyStaticMimeContent parameters: - description: |- Static mime content id in: path name: static-mime-content-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticMimeContent' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Static Mime content tags: - Policy - Inventory - Profiles - L7 Access Profiles - Static MIME Content x-vmw-nsx-module: PolicyStaticMimeContent patch: consumes: - application/json description: |- API will create/update static mime content id operationId: PatchPolicyStaticMimeContent parameters: - description: |- static mime content id in: path name: static-mime-content-id required: true type: string - in: body name: StaticMimeContent required: true schema: $ref: '#/definitions/StaticMimeContent' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticMimeContent' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update static mime content id tags: - Policy - Inventory - Profiles - L7 Access Profiles - Static MIME Content x-vmw-nsx-module: PolicyStaticMimeContent put: consumes: - application/json description: |- API will create/update static mime content id operationId: CreateOrUpdatePolicyStaticMimeContent parameters: - description: |- static mime content id in: path name: static-mime-content-id required: true type: string - in: body name: StaticMimeContent required: true schema: $ref: '#/definitions/StaticMimeContent' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticMimeContent' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update static mime content id tags: - Policy - Inventory - Profiles - L7 Access Profiles - Static MIME Content x-vmw-nsx-module: PolicyStaticMimeContent /infra/tags: get: consumes: - application/json description: | Returns paginated list of all unique tags. Supports filtering by scope, tag and source from which tags are synched. Supports starts with, equals and contains operators on scope and tag values. To filter tags by starts with on scope or tag, use '*' as prefix before the value. To filter tags by ends with on scope or tag, use '*' as suffix after the value. To filter tags by contain on scope or tag, use '*' as prefix and suffix on the value. Below special characters in the filter value needs to be escaped with hex values. - Character '&' needs to be escaped as '%26' - Character '[' needs to be escaped as '%5B' - Character ']' needs to be escaped as '%5D' - Character '+' needs to be escaped as '%2B' - Character '#' needs to be escaped as '%23' Sort option for list of unique tags is available only on tag and scope properties. operationId: ListAllTags parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Tag scope in: query name: scope required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Source from which tags are synced. enum: - Amazon - Azure - NSX - ANY in: query name: source required: false type: string - description: Tag value in: query name: tag required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TagInfoListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all unique tags. tags: - Policy - Inventory - Tags x-vmw-nsx-module: PolicyTag /infra/tags/effective-resources: get: consumes: - application/json description: | Paginated list of all objects assigned with matching scope and tag values. Objects are represented in form of resource reference. Sort option is available only on target_type and target_display_name properties. operationId: ListTaggedObjects parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Filter text to restrict tagged objects list with matching filter text. in: query name: filter_text required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Tag scope in: query name: scope required: false type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Tag value in: query name: tag required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all objects assigned with matching scope and tag values tags: - Policy - Inventory - Tags x-vmw-nsx-module: PolicyTag /infra/tags/tag-operations/{operation-id}: get: consumes: - application/json description: | Get details of tag bulk operation request with which tag is applied or removed on virtual machines. operationId: GetTagBulkOperation parameters: - in: path name: operation-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TagBulkOperation' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get details of tag bulk operation request tags: - Policy - Inventory - Tags x-vmw-nsx-module: PolicyTag put: consumes: - application/json description: "Tag can be assigned or unassigned on multiple objects. Supported\ \ object type is \nrestricted to Virtual Machine for now and support for other\ \ objects will be added \nlater. Permissions for tag bulk operation would\ \ be similar to virtual machine\ntag permissions.\n" operationId: TagBulkUpdate parameters: - in: path name: operation-id required: true type: string - in: body name: TagBulkOperation required: true schema: $ref: '#/definitions/TagBulkOperation' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TagBulkOperation' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Assign or Unassign tag on multiple Virtual Machines. tags: - Policy - Inventory - Tags x-vmw-nsx-module: PolicyTag /infra/tags/tag-operations/{operation-id}/status: get: consumes: - application/json description: | Get status of tag bulk operation with details of tag operation on each virtual machine. operationId: GetTagBulkOperationStatus parameters: - in: path name: operation-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TagBulkOperationStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get status of tag bulk operation tags: - Policy - Inventory - Tags x-vmw-nsx-module: PolicyTag /infra/tier-0s: get: consumes: - application/json description: | Paginated list of all Tier-0s operationId: ListTier0s parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0ListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-0s tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Gateways x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}: delete: consumes: - application/json description: |- Delete Tier-0 operationId: DeleteTier0 parameters: - in: path name: tier-0-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Gateways x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Tier-0 operationId: ReadTier0 parameters: - in: path name: tier-0-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Gateways x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a Tier-0 with the tier-0-id is not already present, create a new Tier-0. If it already exists, update the Tier-0 for specified attributes. operationId: PatchTier0 parameters: - in: path name: tier-0-id required: true type: string - in: body name: Tier0 required: true schema: $ref: '#/definitions/Tier0' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Gateways x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a Tier-0 with the tier-0-id is not already present, create a new Tier-0. If it already exists, replace the Tier-0 instance with the new object. operationId: CreateOrReplaceTier0 parameters: - in: path name: tier-0-id required: true type: string - in: body name: Tier0 required: true schema: $ref: '#/definitions/Tier0' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Gateways x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/arp-proxies: get: consumes: - application/json description: | Returns ARP proxy table for a tier-0 operationId: GetTier0GatewayArpProxies parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-0 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/arp-proxies?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for a tier-0 in CSV format operationId: GetTier0GatewayArpProxiesInCsv parameters: - in: path name: tier-0-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 Address Resolution Protocol Proxies in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/community-lists: get: consumes: - application/json description: | Paginated list of all community lists under a tier-0 operationId: ListCommunityList parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunityListListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List BGP community lists tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Community Lists x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/community-lists/{community-list-id}: delete: consumes: - application/json description: |- Delete a BGP community list operationId: DeleteCommunityList parameters: - in: path name: tier-0-id required: true type: string - in: path name: community-list-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a BGP community list tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Community Lists x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read a BGP community list operationId: ReadCommunityList parameters: - in: path name: tier-0-id required: true type: string - in: path name: community-list-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunityList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a BGP community list tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Community Lists x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a community list with the community-list-id is not already present, create a new community list. If it already exists, update the community list for specified attributes. operationId: PatchCommunityList parameters: - in: path name: tier-0-id required: true type: string - in: path name: community-list-id required: true type: string - in: body name: CommunityList required: true schema: $ref: '#/definitions/CommunityList' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BGP community list tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Community Lists x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a community list with the community-list-id is not already present, create a new community list. If it already exists, replace the community list instance with the new object. operationId: CreateOrReplaceCommunityList parameters: - in: path name: tier-0-id required: true type: string - in: path name: community-list-id required: true type: string - in: body name: CommunityList required: true schema: $ref: '#/definitions/CommunityList' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/CommunityList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BGP community list tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Community Lists x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/dns-forwarder: delete: consumes: - application/json description: |- Delete DNS configuration for tier-0 instance operationId: DeletePolicyDnsForwarderOnTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DNS configuration for tier-0 instance tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDnsForwarder get: consumes: - application/json description: |- Read the DNS Forwarder for the given tier-0 instance operationId: ReadPolicyDnsForwarderOnTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarder' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the DNS Forwarder for the given tier-0 instance tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDnsForwarder patch: consumes: - application/json description: |- Update the DNS Forwarder operationId: PatchPolicyDnsForwarderOnTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - in: body name: PolicyDnsForwarder required: true schema: $ref: '#/definitions/PolicyDnsForwarder' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the DNS Forwarder tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDnsForwarder post: consumes: - application/json description: | Perform the specified action for Tier0 DNS forwarder on specified enforcement point. operationId: PerformEPActionForDnsForwarderAtTier0 parameters: - in: path name: tier-0-id required: true type: string - description: An action to be performed for DNS forwarder on EP enum: - clear_cache in: query name: action required: true type: string - default: /infra/sites/default/enforcement-points/default description: An enforcement point path, on which the action is to be performed in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Perform the specified DNS forwarder action tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDnsForwarder put: consumes: - application/json description: |- Update the DNS Forwarder operationId: UpdatePolicyDnsForwarderOnTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - in: body name: PolicyDnsForwarder required: true schema: $ref: '#/definitions/PolicyDnsForwarder' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarder' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the DNS Forwarder tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDnsForwarder /infra/tier-0s/{tier-0-id}/dns-forwarder/nslookup: get: consumes: - application/json description: | Query the nameserver for an ip-address or a FQDN of the given an address optionally using an specified DNS server. If the address is a fqdn, nslookup will resolve ip-address with it. If the address is an ip-address, do a reverse lookup and answer fqdn(s). If enforcement point is specified, then DNS forwarder nslookup answer will get fetched from specified enforcement point. Otherwise from all enforcement points. operationId: LookupAddressViaTier0DNSForwarder parameters: - in: path name: tier-0-id required: true type: string - description: IP address or FQDN for nslookup in: query name: address required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregatePolicyDnsAnswer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Resolve a given address via the dns forwarder at Tier0 tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDnsForwarder /infra/tier-0s/{tier-0-id}/dns-forwarder/statistics: get: consumes: - application/json description: | Get statistics of tier-0 DNS forwarder. - no enforcement point path specified: Statistics will be evaluated on each enforcement point. - {enforcement_point_path}: Statistics are evaluated only on the given enforcement point. operationId: GetTier0DNSForwarderStatistics parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateDNSForwarderStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 DNS forwarder statistics tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDNSStatistics /infra/tier-0s/{tier-0-id}/dns-forwarder/status: get: consumes: - application/json description: | Get current status of tier-0 DNS forwarder. - no enforcement point path specified: Status will be evaluated on each enforcement point. - {enforcement_point_path}: Status will be evaluated only on the given enforcement point. operationId: GetTier0DNSForwarderStatus parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateDNSForwarderStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get current status of tier-0 DNS forwarder tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-0 Gateways x-vmw-nsx-module: PolicyDNSStatistics /infra/tier-0s/{tier-0-id}/evpn: get: consumes: - application/json description: | Read Evpn Configuration. operationId: ReadEvpnConfig parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EvpnConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Evpn Configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - EVPN Setting - EVPN Configuration x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | Create a evpn configuration if it is not already present, otherwise update the evpn configuration. operationId: PatchEvpnConfig parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - in: body name: EvpnConfig required: true schema: $ref: '#/definitions/EvpnConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update evpn configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - EVPN Setting - EVPN Configuration x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | Create or update evpn configuration. operationId: CreateOrUpdateEvpnConfig parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - in: body name: EvpnConfig required: true schema: $ref: '#/definitions/EvpnConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EvpnConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update evpn configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - EVPN Setting - EVPN Configuration x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/forwarding-table: get: consumes: - application/json description: | Get forwarding table from tier-0 operationId: GetTier0ForwardingTable parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoutingTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get forwarding table from tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Forwarding Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/forwarding-table?format=csv: get: consumes: - application/json description: | Get forwarding table from tier-0 gateway in CSV format. operationId: GetTier0ForwardingTableCsv parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/GatewayRouteTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get forwarding table from tier-0 in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Forwarding Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/gateway-firewall: get: consumes: - application/json description: | Get filtered view of gateway rules associated with the Tier-0. The gateay policies are returned in the order of category and precedence. operationId: ViewTier0GatewayFirewall parameters: - in: path name: tier-0-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get list of gateway policies with rules that belong to the specific Tier-0 logical router. tags: - Policy - Security - North South Security - Gateway Firewall - Tier-0 Gateways x-vmw-nsx-module: PolicyEdgeFirewall /infra/tier-0s/{tier-0-id}/groups: get: consumes: - application/json description: | Paginated list of all Groups for Tier-0. operationId: ListTier0Group parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Comma Seperated Member types in: query name: member_types required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GroupListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Groups for Tier-0 tags: - Policy - Inventory - Groups - Gateway Firewall Groups x-vmw-nsx-module: PolicyEdgeFirewall /infra/tier-0s/{tier-0-id}/groups/{group-id}: delete: consumes: - application/json description: | Delete the Group under Tier-0. operationId: DeleteTier0Group parameters: - in: path name: tier-0-id required: true type: string - in: path name: group-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Deletes Group under Tier-0 tags: - Policy - Inventory - Groups - Gateway Firewall Groups x-vmw-nsx-module: PolicyEdgeFirewall get: consumes: - application/json description: |- Read Tier-0 Group operationId: ReadTier0Group parameters: - in: path name: tier-0-id required: true type: string - in: path name: group-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Group' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-0 Group tags: - Policy - Inventory - Groups - Gateway Firewall Groups x-vmw-nsx-module: PolicyEdgeFirewall patch: consumes: - application/json description: | If a Group with the group-id is not already present, create a new Group under the tier-0-id. Update if exists. The API valiates that Tier-0 is present before creating the Group. operationId: PatchTier0Group parameters: - in: path name: tier-0-id required: true type: string - in: path name: group-id required: true type: string - in: body name: Group required: true schema: $ref: '#/definitions/Group' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Group under specified Tier-0 tags: - Policy - Inventory - Groups - Gateway Firewall Groups x-vmw-nsx-module: PolicyEdgeFirewall put: consumes: - application/json description: | If a Group with the group-id is not already present, create a new Group under the tier-0-id. Update if exists. The API valiates that Tier-0 is present before creating the Group. operationId: CreateOrReplaceTier0Group parameters: - in: path name: tier-0-id required: true type: string - in: path name: group-id required: true type: string - in: body name: Group required: true schema: $ref: '#/definitions/Group' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Group' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Group under specified Tier-0 tags: - Policy - Inventory - Groups - Gateway Firewall Groups x-vmw-nsx-module: PolicyEdgeFirewall /infra/tier-0s/{tier-0-id}/groups/{group-id}/members/ip-addresses: get: consumes: - application/json description: | Get IP addresses that belong to this Tier-0 Group. This API is applicable for Groups containing either VirtualMachine, VIF, Segment ,Segment Port or IP Address member type.For Groups containing other member types,an empty list is returned operationId: GetProviderGroupIPMembers parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyGroupIPMembersListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IP addresses that belong to this Tier-0 Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/tier-0s/{tier-0-id}/groups/{group-id}/members/virtual-machines: get: consumes: - application/json description: | Get Virtual machines that belong to this Tier-0 Group. This API is applicable for Groups containing VirtualMachine member type. For Groups containing other member types,an empty list is returned. operationId: GetProviderGroupVMMembers parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Group Id in: path name: group-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RealizedVirtualMachineListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Virtual machines that belong to this Tier-0 Group tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/tier-0s/{tier-0-id}/ipsec-vpn-services: get: consumes: - application/json description: | Get paginated list of all IPSec VPN services for given Tier-0. operationId: ListTier0VpnIPSecVpnServices parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN service list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}: delete: consumes: - application/json description: | Delete IPSec VPN service for under Tier-0. operationId: DeleteTier0VpnIPSecVpnService parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyVpnIPSecVpn get: consumes: - application/json description: | Get IPSec VPN service under Tier-0. operationId: GetTier0VpnIPSecVpnService parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyVpnIPSecVpn patch: consumes: - application/json description: | Create or patch IPSec VPN service under Tier-0. operationId: CreateOrPatchTier0VpnIPSecVpnService parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: body name: IPSecVpnService required: true schema: $ref: '#/definitions/IPSecVpnService' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyVpnIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN service under given Tier-0. Revision is optional for creation and required for update. operationId: CreateOrUpdateTier0VpnIPSecVpnService parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: body name: IPSecVpnService required: true schema: $ref: '#/definitions/IPSecVpnService' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}/local-endpoints: get: consumes: - application/json description: | Get paginated list of all IPSec VPN local endpoints for a given ipsec vpn service under Tier-0. operationId: ListTier0VpnIPSecVpnLocalEndpoints parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN local endpoint list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}/local-endpoints/{local-endpoint-id}: delete: consumes: - application/json description: | Delete IPSec VPN local endpoint for a given ipsec vpn service under Tier-0. operationId: DeleteTier0VpnIPSecVpnLocalEndpoint parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyVpnIPSecVpn get: consumes: - application/json description: | Get IPSec VPN local endpoint for a given ipsec vpn service under Tier-0. operationId: GetTier0VpnIPSecVpnLocalEndpoint parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyVpnIPSecVpn patch: consumes: - application/json description: | Create or patch a custom IPSec VPN local endpoint under Tier-0. operationId: CreateOrPatchTier0VpnIPSecVpnLocalEndpoint parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string - in: body name: IPSecVpnLocalEndpoint required: true schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch a custom IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyVpnIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN local endpoint for a given ipsec vpn service under Tier-0. Revision is optional for creation and required for update. operationId: CreateOrUpdateTier0VpnIPSecVpnLocalEndpoint parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string - in: body name: IPSecVpnLocalEndpoint required: true schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}/sessions: get: consumes: - application/json description: | Get paginated list of all IPSec VPN sessions for a given ipsec vpn service under Tier-0. operationId: ListTier0VpnIPSecVpnSessions parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSessionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN sessions list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}: delete: consumes: - application/json description: | Delete IPSec VPN session for a given ipsec vpn service under Tier-0. operationId: DeleteTier0VpnIPSecVpnSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn get: consumes: - application/json description: | Get IPSec VPN session without sensitive data for a given ipsec vpn service under Tier-0. operationId: GetTier0VpnIPSecVpnSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn patch: consumes: - application/json description: | Create or patch an IPSec VPN session for a given ipsec vpn service under Tier-0. operationId: CreateOrPatchTier0VpnIPSecVpnSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: IPSecVpnSession required: true schema: $ref: '#/definitions/IPSecVpnSession' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN session for a given ipsec vpn service under Tier-0. Revision is optional for creation and required for update. operationId: CreateOrUpdateTier0VpnIPSecVpnSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: IPSecVpnSession required: true schema: $ref: '#/definitions/IPSecVpnSession' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/detailed-status: get: consumes: - application/json description: | - no enforcement point path specified: detailed status is evaluated on each enforcement point. - an enforcement point path is specified: detailed status is evaluated only on the given enforcement point. - source=realtime: detailed status is fetched realtime from the enforcement point. - source=cached: cached detailed status from enforcement point is returned. operationId: GetTier0VpnIPSecVpnSessionStatus parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateIPSecVpnSessionStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN session detailed status under Tier-0 tags: - Policy - Networking - Network Services - VPN - IPSEC - Status x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/peer-config: get: consumes: - application/json description: | Download IPSec VPN configuration for the peer site. Peer config also contains PSK; be careful when sharing or storing it. operationId: GetTier0VpnIPSecVpnPeerConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - text/plain; charset=utf-8 responses: '200': description: OK schema: type: string '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN configuration for the peer site tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/statistics: get: consumes: - application/json description: | - no enforcement point path specified: statistics are evaluated on each enforcement point. - an enforcement point path is specified: statistics are evaluated only on the given enforcement point. - source=realtime: statistics are fetched realtime from the enforcement point. - source=cached: cached statistics from enforcement point are returned. operationId: GetTier0VpnIPSecVpnSessionStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateIPSecVpnSessionStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN session statistics under Tier-0 tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics post: consumes: - application/json description: | Resets the statistics of the given VPN session. Since source of data is enforcement point, data is reset there. operationId: ResetTier0VpnIPSecVpnSessionStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: Action on statistics enum: - reset in: query name: action required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset the statistics of the given VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}?action=show_sensitive_data: get: consumes: - application/json description: | Get IPSec VPN session with senstive data for a given ipsec vpn service under Tier-0. operationId: GetTier0VpnIPSecVpnSessionWithSensitiveData parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-0s/{tier-0-id}/ipsec-vpn-services/{service-id}/summary: get: consumes: - application/json description: | Summarized view of all tier-0 IPSec VPN sessions for a specified service. operationId: GetTier0VpnIpsecVpnSessionSummary parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIpsecVpnIkeServiceSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session Summary tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Summary x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-0s/{tier-0-id}/l2vpn-services: get: consumes: - application/json description: |- Get paginated list of all L2VPN services under Tier-0. operationId: ListTier0VpnL2VPNServices parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN service list result under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-0s/{tier-0-id}/l2vpn-services/{service-id}: delete: consumes: - application/json description: |- Delete L2VPN service for given Tier-0. operationId: DeleteTier0VpnL2VPNService parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L2VPN service under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyVpnLayer2VPN get: consumes: - application/json description: |- Get L2VPN service for given Tier-0 operationId: GetTier0VpnL2VPNService parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN service under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyVpnLayer2VPN patch: consumes: - application/json description: |- Create or patch L2VPN service for given Tier-0 operationId: CreateOrPatchTier0VpnL2VPNService parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: body name: L2VPNService required: true schema: $ref: '#/definitions/L2VPNService' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch L2VPN service under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyVpnLayer2VPN put: consumes: - application/json description: |- Create or fully replace L2VPN service for given Tier-0. Revision is optional for creation and required for update. operationId: CreateOrUpdateTier0VpnL2VPNService parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: body name: L2VPNService required: true schema: $ref: '#/definitions/L2VPNService' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace L2VPN service under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-0s/{tier-0-id}/l2vpn-services/{service-id}/sessions: get: consumes: - application/json description: |- Get paginated list of all L2VPN sessions under Tier-0. operationId: ListTier0VpnL2VPNSessions parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSessionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN sessions list result under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-0s/{tier-0-id}/l2vpn-services/{service-id}/sessions/{session-id}: delete: consumes: - application/json description: |- Delete L2VPN session under Tier-0. When L2VPN Service is in CLIENT Mode, the L2VPN Session is deleted along with its transpot tunnels and related resources. operationId: DeleteTier0VpnL2VPNSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L2VPN session under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN get: consumes: - application/json description: |- Get L2VPN session under Tier-0. operationId: GetTier0VpnL2VPNSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN Session under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN patch: consumes: - application/json description: | Create or patch an L2VPN session under Tier-0. API supported only when L2VPN Service is in Server Mode. operationId: CreateOrPatchTier0VpnL2VPNSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSession required: true schema: $ref: '#/definitions/L2VPNSession' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an L2VPN session under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN put: consumes: - application/json description: | Create or fully replace L2VPN session under Tier-0. API supported only when L2VPN Service is in Server Mode. Revision is optional for creation and required for update. operationId: CreateOrUpdateTier0VpnL2VPNSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSession required: true schema: $ref: '#/definitions/L2VPNSession' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace L2VPN session under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-0s/{tier-0-id}/l2vpn-services/{service-id}/sessions/{session-id}/detailed-status: get: consumes: - application/json description: | - no enforcement point path specified: detailed tatus is evaluated on each enforcement point. - an enforcement point path is specified: detailed status is evaluated only on the given enforcement point. - source=realtime: detailed tatus is fetched realtime from the enforcement point. - source=cached: cached detailed status is returned. operationId: GetTier0VpnL2VpnSessionStatus parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN session detailed status under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Status x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-0s/{tier-0-id}/l2vpn-services/{service-id}/sessions/{session-id}/peer-config: get: consumes: - application/json description: | Get peer config for the Tier-0 L2VPN session to configure the remote side of the tunnel. - no enforcement point path specified: L2VPN Session Peer Codes will be evaluated on each enforcement point. - enforcement point paths specified: L2VPN Session Peer Codes are evaluated only on the given enforcement points. API supported only when L2VPN Service is in Server Mode. operationId: GetTier0VpnL2VPNSessionPeerConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionPeerConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 L2VPN session configuration for the peer site tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-0s/{tier-0-id}/l2vpn-services/{service-id}/sessions/{session-id}/remote-mac: get: consumes: - application/json description: | Returns L2Vpn session remote macs for a logical switch. Data is fetched from enforcement point. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/ sessions/<session-id>/detailed-status instead. operationId: GetTier0VpnL2VpnSessionRemoteMacsForLS parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Segment Path in: query name: segment_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VpnSessionRemoteMac' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2Vpn session remote mac for logical switch tags: - Policy - Networking - Network Services - VPN - L2VPN - Remote-Mac x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-0s/{tier-0-id}/l2vpn-services/{service-id}/sessions/{session-id}/statistics: get: consumes: - application/json description: | - no enforcement point path specified: statistics are evaluated on each enforcement point. - an enforcement point path is specified: statistics are evaluated only on the given enforcement point. - source=realtime: statistics are fetched realtime from the enforcement point. - source=cached: cached statistics from the enforcement point are returned. operationId: GetTier0VpnL2VpnSessionStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN session statistics under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Statistics x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-0s/{tier-0-id}/l2vpn-services/{service-id}/sessions/{session-id}?action=create_with_peer_code: post: consumes: - application/json description: | Create or patch an L2VPN session under Tier-0 from Peer Codes. In addition to the L2VPN Session, the IPSec VPN Session, along with the IKE, Tunnel, and DPD Profiles are created and owned by the system. IPSec VPN Service and Local Endpoint are created only when required, i.e., an IPSec VPN Service does not already exist, or an IPSec VPN Local Endpoint with same local address does not already exist. Updating the L2VPN Session can be performed only through this API by specifying new peer codes. Use of specific APIs to update the L2VPN Session and the different resources associated with it is not allowed, except for IPSec VPN Service and Local Endpoint, resources that are not system owned. API supported only when L2VPN Service is in Client Mode. operationId: CreateOrPatchTier0VpnL2VPNSessionFromPeerCodes parameters: - in: path name: tier-0-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSessionData required: true schema: $ref: '#/definitions/L2VPNSessionData' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an L2VPN session under Tier-0 from Peer Codes tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-0s/{tier-0-id}/locale-services: get: consumes: - application/json description: | Paginated list of all Tier-0 locale-services operationId: ListTier0LocaleServices parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LocaleServicesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-0 locale-services tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Locale Services x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/arp-proxies: get: consumes: - application/json description: | This API is deprecated. Please use /infra/tier-0s/<tier-0-id>/arp-proxies Returns ARP proxy table for a tier-0 operationId: GetTier0ArpProxies parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-0 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp: get: consumes: - application/json description: |- Read BGP routing config operationId: ReadBgpRoutingConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpRoutingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read BGP routing config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If an BGP routing config not present, create BGP routing config. If it already exists, update the routing config. operationId: PatchBgpRoutingConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: body name: BgpRoutingConfig required: true schema: $ref: '#/definitions/BgpRoutingConfig' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update BGP routing config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If BGP routing config is not already present, create BGP routing config. If it already exists, replace the BGP routing config with this object. operationId: CreateOrReplaceBgpRoutingConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: body name: BgpRoutingConfig required: true schema: $ref: '#/definitions/BgpRoutingConfig' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpRoutingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BGP routing config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors: get: consumes: - application/json description: | Paginated list of all BGP neighbor configurations operationId: ListBgpNeighborConfigs parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List BGP neighbor configurations tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/status: get: consumes: - application/json description: | Returns the status of all the BGP neighbors for the given Tier0. To get BGP neighbor status for a particular enforcement point, parameter "enforcement_point_path=<enforcement_point_path>" needs to be specified. If an enforcement_point is unspecified, then bgp neighbor status for all enforcement points is fetched. To get BGP neighbors status for the logical router from particular edge node, parameter "edge_path=<edge_path>" needs to be specified. If an edge_path is unspecified, then bgp neighbor status for all edges is fetched. operationId: GetTier0BgpNeighborsStatus parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyBgpNeighborsStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get BGP neighbor status for the Tier0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/{neighbor-id}: delete: consumes: - application/json description: |- Delete BGP neighbor config operationId: DeleteBgpNeighborConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete BGP neighbor config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read BGP neighbor config operationId: ReadBgpNeighborConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read BGP neighbor config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If BGP neighbor config with the neighbor-id is not already present, create a new neighbor config. If it already exists, replace the BGP neighbor config with this object. operationId: PatchBgpNeighborConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - in: body name: BgpNeighborConfig required: true schema: $ref: '#/definitions/BgpNeighborConfig' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BGP neighbor config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If BGP neighbor config with the neighbor-id is not already present, create a new neighbor config. If it already exists, replace the BGP neighbor config with this object. operationId: CreateOrReplaceBgpNeighborConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - in: body name: BgpNeighborConfig required: true schema: $ref: '#/definitions/BgpNeighborConfig' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a BGP neighbor config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/{neighbor-id}/advertised-routes: get: consumes: - application/json description: | Returns routes advertised by BGP neighbor from all edge transport nodes on which this neighbor is currently enabled. The query parameter "source=cached" is not supported. operationId: GetTier0BgpNeighborAdvertisedRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - default: 1000 description: Number of routes to retrieve format: int32 in: query minimum: 1 name: count type: integer - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborRoutesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get BGP neighbor advertised routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/{neighbor-id}/advertised-routes?format=csv: get: consumes: - application/json description: | Returns routes advertised by BGP neighbor from all edge transport nodes on which this neighbor is currently enabled in CSV format. Routes from all enforcement points are returned. operationId: GetTier0BgpNeighborAdvertisedRoutesInCsvFormat parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - default: 1000 description: Number of routes to retrieve format: int32 in: query minimum: 1 name: count type: integer - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborRouteDetailsInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get BGP neighbor advertised routes in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/{neighbor-id}/routes: get: consumes: - application/json description: | Returns routes learned by BGP neighbor from all edge nodes on which this neighbor is currently enabled. operationId: GetTier0BgpNeighborRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - default: 1000 description: Number of routes to retrieve format: int32 in: query minimum: 1 name: count type: integer - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborRoutesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get routes learned by BGP neighbor tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/bgp/neighbors/{neighbor-id}/routes?format=csv: get: consumes: - application/json description: | Returns routes learned by BGP neighbor from all edge nodes on which this neighbor is currently enabled. Routes from all enforcement points are returned. operationId: GetTier0BgpNeighborRoutesInCsvFormat parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: neighbor-id required: true type: string - default: 1000 description: Number of routes to retrieve format: int32 in: query minimum: 1 name: count type: integer - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/BgpNeighborRouteDetailsInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get routes learned by BGP neighbor in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - BGP x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/byod-service-instances: get: consumes: - application/json description: |- Read all BYOD service instance objects under a tier-0 operationId: ListByodPolicyServiceInstancesForTier0 parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ByodPolicyServiceInstanceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read all BYOD service instance objects under a tier-0 tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/byod-service-instances/{service-instance-id}: delete: consumes: - application/json description: |- Delete BYOD policy service instance operationId: DeleteByodPolicyServiceInstance parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete BYOD policy service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- Read BYOD service instance operationId: ReadByodPolicyServiceInstance parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- BYOD Service instance id in: path name: service-instance-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ByodPolicyServiceInstance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read BYOD service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create BYOD Service Instance which represent instance of service definition created on manager. operationId: PatchByodPolicyServiceInstance parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- BYOD Service instance id in: path name: service-instance-id required: true type: string - in: body name: ByodPolicyServiceInstance required: true schema: $ref: '#/definitions/ByodPolicyServiceInstance' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create BYOD service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create BYOD Service Instance which represent instance of service definition created on manager. operationId: CreateByodPolicyServiceInstance parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- BYOD service instance id in: path name: service-instance-id required: true type: string - in: body name: ByodPolicyServiceInstance required: true schema: $ref: '#/definitions/ByodPolicyServiceInstance' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ByodPolicyServiceInstance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create BYOD service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/byod-service-instances/{service-instance-id}/service-instance-endpoints : get: consumes: - application/json description: |- List all service instance endpoint operationId: ListPolicyServiceInstanceEndpoints parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInstanceEndpointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all service instance endpoint tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/byod-service-instances/{service-instance-id}/service-instance-endpoints/{service-instance-endpoint-id} : delete: consumes: - application/json description: |- Delete service instance endpoint operationId: DeletePolicyServiceInstanceEndpoint parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: |- Service instance endpoint id in: path name: service-instance-endpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete service instance endpoint tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- Read service instance endpoint operationId: ReadPolicyServiceInstanceEndpoint parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: |- Service instance endpoint id in: path name: service-instance-endpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInstanceEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read service instance endpoint tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create Service instance endpoint. operationId: PatchServiceInstanceEndpoint parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: |- Service instance endpoint id in: path name: service-instance-endpoint-id required: true type: string - in: body name: ServiceInstanceEndpoint required: true schema: $ref: '#/definitions/ServiceInstanceEndpoint' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create service instance endpoint tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create service instance endpoint with given request if not exist. Modification of service instance endpoint is not allowed. operationId: CreateServiceInstanceEndpoint parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: |- Service instance endpoint id in: path name: service-instance-endpoint-id required: true type: string - in: body name: ServiceInstanceEndpoint required: true schema: $ref: '#/definitions/ServiceInstanceEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInstanceEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create service instance endpoint tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/endpoints/virtual-endpoints: get: consumes: - application/json description: |- List all virtual endpoints operationId: ListVirtualEndpointsForTier0 parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualEndpointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all virtual endpoints tags: - Policy - Security - Service Insertion - Virtual Endpoints - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/endpoints/virtual-endpoints/{virtual-endpoint-id}: delete: consumes: - application/json description: |- Delete virtual endpoint operationId: DeleteVirtualEndpoint parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Virtual endpoint id in: path name: virtual-endpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete virtual endpoint tags: - Policy - Security - Service Insertion - Virtual Endpoints - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- Read virtual endpoint with given id under given Tier0. operationId: ReadVirtualEndpoint parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Virtual endpoint id in: path name: virtual-endpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read virtual endpoint tags: - Policy - Security - Service Insertion - Virtual Endpoints - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create or update virtual endpoint. operationId: PatchVirtualEndpoint parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Virtual endpoint id in: path name: virtual-endpoint-id required: true type: string - in: body name: VirtualEndpoint required: true schema: $ref: '#/definitions/VirtualEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update virtual endpoint tags: - Policy - Security - Service Insertion - Virtual Endpoints - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create or update virtual endpoint. operationId: CreateOrUpdateVirtualEndpoint parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Virtual endpoint id in: path name: virtual-endpoint-id required: true type: string - in: body name: VirtualEndpoint required: true schema: $ref: '#/definitions/VirtualEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update virtual endpoint tags: - Policy - Security - Service Insertion - Virtual Endpoints - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces: get: consumes: - application/json description: | Paginated list of all Tier-0 Interfaces operationId: ListTier0Interfaces parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0InterfaceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-0 Interfaces tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}: delete: consumes: - application/json description: |- Delete Tier-0 interface operationId: DeleteTier0Interface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Tier-0 interface operationId: ReadTier0Interface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0Interface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If an interface with the interface-id is not already present, create a new interface. If it already exists, update the interface for specified attributes. operationId: PatchTier0Interface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - in: body name: Tier0Interface required: true schema: $ref: '#/definitions/Tier0Interface' - default: false description: Locally override the global object in: query name: override required: false type: boolean responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If an interface with the interface-id is not already present, create a new interface. If it already exists, replace the interface with this object. operationId: CreateOrReplaceTier0Interface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - in: body name: Tier0Interface required: true schema: $ref: '#/definitions/Tier0Interface' - default: false description: Locally override the global object in: query name: override required: false type: boolean produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0Interface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-proxy: get: consumes: - application/json description: | Returns ARP proxy table for a tier-0 interface. Interfaces can be of types - EXTERNAL and SERVICE. Interfaces of type LOOBACK and downlink are not supported. operationId: GetTier0InterfaceArpProxies parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 Interface Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-proxy?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for a tier-0 interface in CSV format. Interfaces can be of types - EXTERNAL and SERVICE. Interfaces of type LOOBACK and downlink are not supported. operationId: GetTier0InterfaceArpProxiesInCsv parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 Interface Address Resolution Protocol Proxies in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-table: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) for the tier-0 interface, on a edge node if a query parameter "edge_path=<policy-edge-path>" is given. The edge_path parameter is mandatory if the interface type is not EXTERNAL. operationId: GetTier0InterfaceArpTable parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the tier-0 interface, on a edge node if a query parameter "edge_path=<policy-edge-path>" is given. The edge_path parameter is mandatory if the interface type is not EXTERNAL. operationId: GetTier0InterfaceArpTableCsv parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-0 interface in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/dad-state: get: consumes: - application/json description: | Get tier-0 interface DAD state information. operationId: GetTier0InterfaceDADState parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceDADState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DAD status by interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - DAD State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/statistics: get: consumes: - application/json description: | Get tier-0 interface statistics information. operationId: GetTier0InterfaceStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 interface statistics information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/statistics/summary: get: consumes: - application/json description: | Get tier-0 interface statistics summary information. operationId: GetTier0InterfaceStatisticsSummary parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 interface statistics summary information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services: get: consumes: - application/json description: | Get paginated list of all IPSec VPN services for given locale service under Tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: ListTier0IPSecVpnServices parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN service list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyIPSecVpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}: delete: consumes: - application/json description: | Delete IPSec VPN service for given locale service under Tier-0. This API is deprecated. Please use DELETE /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: DeleteTier0IPSecVpnService parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyIPSecVpn get: consumes: - application/json description: | Get IPSec VPN service for given locale service under Tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier0IPSecVpnService parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyIPSecVpn patch: consumes: - application/json description: | Create or patch IPSec VPN service for given locale service under Tier-0. This API is deprecated. Please use PATCH /infra/tier-0s/<tier-0-id>/ ipsec-vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrPatchTier0IPSecVpnService parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: body name: IPSecVpnService required: true schema: $ref: '#/definitions/IPSecVpnService' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN service for given locale service under Tier-0. Revision is optional for creation and required for update. This API is deprecated. Please use PUT /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrUpdateTier0IPSecVpnService parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: body name: IPSecVpnService required: true schema: $ref: '#/definitions/IPSecVpnService' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyIPSecVpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/local-endpoints: get: consumes: - application/json description: | Get paginated list of all IPSec VPN local endpoints for a given locale service under Tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/local-endpoints instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: ListTier0IPSecVpnLocalEndpoints parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN local endpoint list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyIPSecVpn ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/local-endpoints/{local-endpoint-id} : delete: consumes: - application/json description: | Delete IPSec VPN local endpoint for a given locale service under Tier-0. This API is deprecated. Please use DELETE /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: DeleteTier0IPSecVpnLocalEndpoint parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyIPSecVpn get: consumes: - application/json description: | Get IPSec VPN local endpoint for a given locale service under Tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier0IPSecVpnLocalEndpoint parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyIPSecVpn patch: consumes: - application/json description: | Create or patch a custom IPSec VPN local endpoint for a given locale service under Tier-0. This API is deprecated. Please use PATCH /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: CreateOrPatchTier0IPSecVpnLocalEndpoint parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string - in: body name: IPSecVpnLocalEndpoint required: true schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch a custom IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN local endpoint for a given locale service under Tier-0. Revision is optional for creation and required for update. This API is deprecated. Please use PUT /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/local-endpoints/<local-endpoint-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: CreateOrUpdateTier0IPSecVpnLocalEndpoint parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string - in: body name: IPSecVpnLocalEndpoint required: true schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyIPSecVpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions: get: consumes: - application/json description: | Get paginated list of all IPSec VPN sessions for a given locale service under Tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/sessions instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: ListTier0IPSecVpnSessions parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSessionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN sessions list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}: delete: consumes: - application/json description: | Delete IPSec VPN session for a given locale service under Tier-0. This API is deprecated. Please use DELETE /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: DeleteTier0IPSecVpnSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn get: consumes: - application/json description: | Get IPSec VPN session without sensitive data for a given locale service under Tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier0IPSecVpnSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn patch: consumes: - application/json description: | Create or patch an IPSec VPN session for a given locale service under Tier-0. This API is deprecated. Please use PATCH /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: CreateOrPatchTier0IPSecVpnSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: IPSecVpnSession required: true schema: $ref: '#/definitions/IPSecVpnSession' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN session for a given locale service under Tier-0. Revision is optional for creation and required for update. This API is deprecated. Please use PUT /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: CreateOrUpdateTier0IPSecVpnSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: IPSecVpnSession required: true schema: $ref: '#/definitions/IPSecVpnSession' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/detailed-status : get: consumes: - application/json description: | - no enforcement point path specified: detailed status is evaluated on each enforcement point. - an enforcement point path is specified: detailed status is evaluated only on the given enforcement point. - source=realtime: detailed status is fetched realtime from the enforcement point. - source=cached: cached detailed status from enforcement point is returned. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/ sessions/<session-id>/detailed-status instead. operationId: GetTier0IPSecVpnSessionStatus parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateIPSecVpnSessionStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN session detailed status under Tier-0 tags: - Policy - Networking - Network Services - VPN - IPSEC - Status x-vmw-nsx-module: PolicyVPNStatistics ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/peer-config : get: consumes: - application/json description: | Download IPSec VPN configuration for the peer site. Peer config also contains PSK; be careful when sharing or storing it. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/peer-config instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier0IPSecVpnPeerConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - text/plain; charset=utf-8 responses: '200': description: OK schema: type: string '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN configuration for the peer site tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/statistics : get: consumes: - application/json description: | - no enforcement point path specified: statistics are evaluated on each enforcement point. - an enforcement point path is specified: statistics are evaluated only on the given enforcement point. - source=realtime: statistics are fetched realtime from the enforcement point. - source=cached: cached statistics from enforcement point are returned. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/ sessions/<session-id>/statisticsinstead. operationId: GetTier0IPSecVpnSessionStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateIPSecVpnSessionStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN session statistics under Tier-0 tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics post: consumes: - application/json description: | Resets the statistics of the given VPN session. Since source of data is enforcement point, data is reset there. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/ sessions/<session-id>/statistics instead. operationId: ResetTier0IPSecVpnSessionStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: Action on statistics enum: - reset in: query name: action required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset the statistics of the given VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}?action=show_sensitive_data : get: consumes: - application/json description: | Get IPSec VPN session with senstive data for a given locale service under Tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>?action=show_sensitive_data instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier0IPSecVpnSessionWithSensitiveData parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/summary: get: consumes: - application/json description: | Summarized view of all tier-0 IPSec VPN sessions for a specified service. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ipsec-vpn-services/<service-id>/summary instead. operationId: GetTier0IpsecVpnSessionSummary parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIpsecVpnIkeServiceSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session Summary tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Summary x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-context: get: consumes: - application/json description: | Read L2Vpn Context. This API is deprecated. Please use GET /infra/tier-0s//locale-services/ /l2vpn-services/default instead. operationId: ReadL2VpnContext parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VpnContext' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read an L2Vpn Context tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyL2Vpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-context/l2vpns: get: consumes: - application/json description: | Paginated list of L2Vpns. This API is deprecated. Please use GET /infra/tier-0s//locale-services/ /l2vpn-services/default/sessions instead. If used, this deprecated API will only return L2Vpns that were created through the deprecated PATCH and PUT /infra/tier-0s//locale-services//l2vpn-context/ l2vpns/ APIs. operationId: ListL2Vpns parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VpnListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List L2Vpns tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyL2Vpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-context/l2vpns/{l2vpn-id}: delete: consumes: - application/json description: | Delete the L2Vpn with the given id. This API is deprecated. Please use DELETE /infra/tier-0s//locale-services/ /l2vpn-services/default/sessions/ instead. If used, this deprecated API will result in the L2VPNSession being deleted: - L2VPNSession: /infra/tier-0s//locale-services//l2vpn-services/ default/sessions/L2VPN_. operationId: DeleteL2Vpn parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l2vpn-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete an L2Vpn tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyL2Vpn get: consumes: - application/json description: | Read the L2Vpn with the given id. This API is deprecated. Please use GET /infra/tier-0s//locale-services/ /l2vpn-services/default/sessions/L2VPN_ instead. operationId: ReadL2Vpn parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l2vpn-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2Vpn' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read an L2Vpn tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyL2Vpn patch: consumes: - application/json description: | Create a new L2Vpn if the L2Vpn with given id does not already exist. If the L2Vpn with the given id already exists, merge with the existing L2Vpn. This is a patch. This API is deprecated. Please use PATCH /infra/tier-0s//locale-services/ /l2vpn-services/default/sessions/ instead. If used, this deprecated API will result in an L2VPNSession being internally created/patched: - L2VPNSession: /infra/tier-0s//locale-services//l2vpn-services/ default/sessions/L2VPN_. operationId: CreateOrPatchL2Vpn parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l2vpn-id required: true type: string - in: body name: L2Vpn required: true schema: $ref: '#/definitions/L2Vpn' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an L2Vpn tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyL2Vpn put: consumes: - application/json description: | Create a new L2Vpn if the L2Vpn with given id does not already exist. If the L2Vpn with the given id already exists, update the existing L2Vpn. This is a full replace. This API is deprecated. Please use PUT /infra/tier-0s//locale-services/ /l2vpn-services/default/sessions/ instead. If used, this deprecated API will result in an L2VPNSession being internally created/updated: - L2VPNSession: /infra/tier-0s//locale-services//l2vpn-services/ default/sessions/L2VPN_. operationId: CreateOrReplaceL2Vpn parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l2vpn-id required: true type: string - in: body name: L2Vpn required: true schema: $ref: '#/definitions/L2Vpn' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2Vpn' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace an L2Vpn tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyL2Vpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-context/l2vpns/{l2vpn-id}/peer-config: get: consumes: - application/json description: | Get peer config for the L2Vpn to configure the remote side of the tunnel. - no enforcement point path specified: L2Vpn Peer Codes will be evaluated on each enforcement point. - {enforcement_point_path}: L2Vpn Peer Codes are evaluated only on the given enforcement point. This API is deprecated. Please use GET /infra/tier-0s//locale-services/ /l2vpn-services/default/sessions/L2VPN_/peer-config instead. operationId: ReadL2VpnPeerConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l2vpn-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VpnPeerConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Peer Config for L2Vpn tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyL2Vpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-context/l2vpns/{l2vpn-id}/statistics: get: consumes: - application/json description: | Get statistics of an L2Vpn. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/locale-services/ <locale-service-id>/l2vpn-services/default/sessions/L2VPN_<l2vpn-id>/statistics instead. operationId: GetL2VpnStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l2vpn-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VpnStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2Vpn statistics tags: - Policy - Networking - Network Services - VPN - L2VPN - Statistics x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-services: get: consumes: - application/json description: | Get paginated list of all L2VPN services under Tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/l2vpn-services instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: ListL2VPNServices parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN service list result under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyLayer2VPN /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}: delete: consumes: - application/json description: | Delete L2VPN service for given Tier-0 locale service. This API is deprecated. Please use DELETE /infra/tier-0s/<tier-0-id>/l2vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: DeleteL2VPNService parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L2VPN service under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyLayer2VPN get: consumes: - application/json description: | Get L2VPN service for given Tier-0 locale service. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/l2vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetL2VPNService parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN service under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyLayer2VPN patch: consumes: - application/json description: | Create or patch L2VPN service for given Tier-0 locale service. This API is deprecated. Please use PATCH /infra/tier-0s/<tier-0-id>/l2vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrPatchL2VPNService parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: body name: L2VPNService required: true schema: $ref: '#/definitions/L2VPNService' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch L2VPN service under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyLayer2VPN put: consumes: - application/json description: | Create or fully replace L2VPN service for given Tier-0 locale service. Revision is optional for creation and required for update. This API is deprecated. Please use PUT /infra/tier-0s/<tier-0-id>/l2vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrUpdateL2VPNService parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: body name: L2VPNService required: true schema: $ref: '#/definitions/L2VPNService' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace L2VPN service under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyLayer2VPN /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions: get: consumes: - application/json description: | Get paginated list of all L2VPN sessions under Tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ l2vpn-services/<service-id>/sessions instead. Note: The API will return a new VPN path for "transport_tunnels" in the response payload instead of the deprecated API path Both paths refer to the same object. Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: ListL2VPNSessions parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSessionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN sessions list result under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}: delete: consumes: - application/json description: | Delete L2VPN session under Tier-0. When L2VPN Service is in CLIENT Mode, the L2VPN Session is deleted along with its transpot tunnels and related resources. This API is deprecated. Please use DELETE /infra/tier-0s/<tier-0-id>/ l2vpn-services/<service-id>/sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: DeleteL2VPNSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L2VPN session under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN get: consumes: - application/json description: | Get L2VPN session under Tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/ l2vpn-services/<service-id>/sessions/<session-id> instead. Note: The API will return a new VPN path for "transport_tunnels" in the response payload instead of the deprecated API path Both paths refer to the same object. Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetL2VPNSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN Session under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN patch: consumes: - application/json description: | Create or patch an L2VPN session under Tier-0. API supported only when L2VPN Service is in Server Mode. This API is deprecated. Please use PATCH /infra/tier-0s/<tier-0-id>/ l2vpn-services/<service-id>/sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrPatchL2VPNSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSession required: true schema: $ref: '#/definitions/L2VPNSession' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an L2VPN session under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN put: consumes: - application/json description: | Create or fully replace L2VPN session under Tier-0. API supported only when L2VPN Service is in Server Mode. Revision is optional for creation and required for update. This API is deprecated. Please use PUT /infra/tier-0s/<tier-0-id>/ l2vpn-services/<service-id>/sessions/<session-id> instead. Note: The API will return a new VPN path for "transport_tunnels" in the response payload instead of the deprecated API path Both paths refer to the same object. Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrUpdateL2VPNSession parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSession required: true schema: $ref: '#/definitions/L2VPNSession' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace L2VPN session under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}/detailed-status : get: consumes: - application/json description: | - no enforcement point path specified: detailed tatus is evaluated on each enforcement point. - an enforcement point path is specified: detailed status is evaluated only on the given enforcement point. - source=realtime: detailed tatus is fetched realtime from the enforcement point. - source=cached: cached detailed status is returned. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/l2vpn-services/<service-id>/ sessions/<session-id>/detailed-status instead. operationId: GetL2VpnSessionStatus parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN session detailed status under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Status x-vmw-nsx-module: PolicyVPNStatistics ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}/peer-config : get: consumes: - application/json description: | Get peer config for the Tier-0 L2VPN session to configure the remote side of the tunnel. - no enforcement point path specified: L2VPN Session Peer Codes will be evaluated on each enforcement point. - enforcement point paths specified: L2VPN Session Peer Codes are evaluated only on the given enforcement points. API supported only when L2VPN Service is in Server Mode. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/l2vpn-services/<service-id>/ sessions/<session-id>/peer-config instead. Note: The "transport_tunnel_path" returned in the payload wil be a new vpn path instead of the deprecated API path. Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetL2VPNSessionPeerConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionPeerConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-0 L2VPN session configuration for the peer site tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}/remote-mac : get: consumes: - application/json description: | Returns L2Vpn session remote macs for a logical switch. Data is fetched from enforcement point. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/l2vpn-services/<service-id>/ sessions/<session-id>/remote-mac instead. operationId: GetTier0L2VpnSessionRemoteMacsForLS parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Segment Path in: query name: segment_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VpnSessionRemoteMac' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2Vpn session remote mac for logical switch tags: - Policy - Networking - Network Services - VPN - L2VPN - Remote-Mac x-vmw-nsx-module: PolicyVPNStatistics ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}/statistics : get: consumes: - application/json description: | - no enforcement point path specified: statistics are evaluated on each enforcement point. - an enforcement point path is specified: statistics are evaluated only on the given enforcement point. - source=realtime: statistics are fetched realtime from the enforcement point. - source=cached: cached statistics from the enforcement point are returned. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/l2vpn-services/<service-id>/ sessions/<session-id>/statistics instead. operationId: GetL2VpnSessionStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN session statistics under Tier-0 tags: - Policy - Networking - Network Services - VPN - L2VPN - Statistics x-vmw-nsx-module: PolicyVPNStatistics ? /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}?action=create_with_peer_code : post: consumes: - application/json description: | Create or patch an L2VPN session under Tier-0 from Peer Codes. In addition to the L2VPN Session, the IPSec VPN Session, along with the IKE, Tunnel, and DPD Profiles are created and owned by the system. IPSec VPN Service and Local Endpoint are created only when required, i.e., an IPSec VPN Service does not already exist, or an IPSec VPN Local Endpoint with same local address does not already exist. Updating the L2VPN Session can be performed only through this API by specifying new peer codes. Use of specific APIs to update the L2VPN Session and the different resources associated with it is not allowed, except for IPSec VPN Service and Local Endpoint, resources that are not system owned. API supported only when L2VPN Service is in Client Mode. This API is deprecated. Please use POST /infra/tier-0s/<tier-0-id>/l2vpn-services/<service-id>/ sessions/<session-id>?action=create_with_peer_code instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrPatchL2VPNSessionFromPeerCodes parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSessionData required: true schema: $ref: '#/definitions/L2VPNSessionData' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an L2VPN session under Tier-0 from Peer Codes tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l3vpn-context: get: consumes: - application/json description: | Read the L3Vpn Context under tier-0. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/locale-services/ <locale-service-id>/ipsec-vpn-services/default instead. operationId: ReadL3VpnContext parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L3VpnContext' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the L3Vpn Context tags: - Policy - Networking - Network Services - VPN - IPSEC - Services - Tier-0 Gateways x-vmw-nsx-module: PolicyL3Vpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l3vpns: get: consumes: - application/json description: | Paginated list of L3Vpns. This API is deprecated. Please use the following APIs instead: - GET /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/sessions to list all IPSecVpnSessions. - GET /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/local-endpoints to list all IPSecVpnLocalEndpoints. - GET /infra/ipsec-vpn-tunnel-profiles to list all IPSecVpnTunnelProfiles. - GET /infra/ipsec-vpn-ike-profiles to list all IPSecVpnIkeProfiles. - GET /infra/ipsec-vpn-dpd-profiles to list all IPSecVpnDpdProfiles. If used, this deprecated API will only return L3Vpns that were created through the deprecated PATCH and PUT /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/l3vpns/<l3vpn-id> APIs. operationId: ListL3Vpns parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Resource type of L3Vpn Session enum: - PolicyBasedL3VpnSession - RouteBasedL3VpnSession in: query name: l3vpn_session required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L3VpnListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List L3Vpns tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Tier-0 Gateways x-vmw-nsx-module: PolicyL3Vpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l3vpns/{l3vpn-id}: delete: consumes: - application/json description: | Delete the L3Vpn with the given id. This API is deprecated. Please use the following APIs instead: - DELETE /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/sessions/L3VPN_<l3vpn-id> to delete the associated IPSecVpnSession. - DELETE /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/local-endpoints/<local-endpoint-id> to delete the associated IPSecVpnLocalEndpoint. - DELETE /infra/ipsec-vpn-tunnel-profiles/L3VPN_<l3vpn-id> to delete the associated IPSecVpnTunnelProfile. - DELETE /infra/ipsec-vpn-ike-profiles/L3VPN_<l3vpn-id> to delete the associated IPSecVpnIkeProfile. - DELETE /infra/ipsec-vpn-dpd-profiles/L3VPN_<l3vpn-id> to delete the associated IPSecVpnDpdProfile. If used, this deprecated API will result in the following objects being internally deleted: - IPSecVpnSession: /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ ipsec-vpn-services/default/sessions/L3VPN_<l3vpn-id>. - IPSecVpnLocalEndpoint: /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ ipsec-vpn-services/default/local-endpoints/<local-endpoint-id> when not used by other IPSecVpnSessions. - IPSecVpnTunnelProfile: /infra/ipsec-vpn-tunnel-profiles/L3VPN_<l3vpn-id>. - IPSecVpnIkeProfile: /infra/ipsec-vpn-ike-profiles/L3VPN_<l3vpn-id>. - IPSecVpnDpdProfile: /infra/ipsec-vpn-dpd-profiles/L3VPN_<l3vpn-id>. operationId: DeleteL3Vpn parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l3vpn-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete an L3Vpn tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Tier-0 Gateways x-vmw-nsx-module: PolicyL3Vpn get: consumes: - application/json description: | Read the L3Vpn with the given id. No sensitive data is returned as part of the response. This API is deprecated. Please use the following APIs instead: - GET /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/sessions/L3VPN_<l3vpn-id> to get the associated IPSecVpnSession. - GET /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/local-endpoints/<local-endpoint-id> to get the associated IPSecVpnLocalEndpoint. - GET /infra/ipsec-vpn-tunnel-profiles/L3VPN_<l3vpn-id> to get the associated IPSecVpnTunnelProfile. - GET /infra/ipsec-vpn-ike-profiles/L3VPN_<l3vpn-id> to get the associated IPSecVpnIkeProfile. - GET /infra/ipsec-vpn-dpd-profiles/L3VPN_<l3vpn-id> to get the associated IPSecVpnDpdProfile. If used, this deprecated API will not return L3Vpn with <l3vpn-id> id unless the associated IPSecVpnSession with L3VPN_<l3vpn-id> id exists. For example, if the IPSecVpnSession gets deleted using DELETE /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/sessions/L3VPN_<l3vpn-id>, the deprecated API will throw an ObjectNotFoundException. operationId: ReadL3Vpn parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l3vpn-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L3Vpn' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read an L3Vpn tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Tier-0 Gateways x-vmw-nsx-module: PolicyL3Vpn patch: consumes: - application/json description: | Create the new L3Vpn if it does not exist. If the L3Vpn already exists, merge with the the existing one. This is a patch. - If the passed L3Vpn is a policy-based one and has new L3VpnRules, add them to the existing L3VpnRules. - If the passed L3Vpn is a policy-based one and also has existing L3VpnRules, update the existing L3VpnRules. This API is deprecated. Please use the following APIs instead: - PATCH /infra/ipsec-vpn-tunnel-profiles/<tunnel-profile-id> to patch the IPSecVpnTunnelProfile. - PATCH /infra/ipsec-vpn-ike-profiles/<ike-profile-id> to patch the IPSecVpnIkeProfile. - PATCH /infra/ipsec-vpn-dpd-profiles/<dpd-profile-id> to patch the IPSecVpnDpdProfile. - PATCH /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/local-endpoints/<local-endpoint-id> to patch the IPSecVpnLocalEndpoint. - PATCH /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/sessions/<l3vpn-id> to patch the IPSecVpnSession. If used, this deprecated API will result in the following objects being internally created/patched: - IPSecVpnTunnelProfile: /infra/ipsec-vpn-tunnel-profiles/L3VPN_<l3vpn-id>. - IPSecVpnIkeProfile: /infra/ipsec-vpn-ike-profiles/L3VPN_<l3vpn-id>. - IPSecVpnDpdProfile: /infra/ipsec-vpn-dpd-profiles/L3VPN_<l3vpn-id>. - IPSecVpnLocalEndpoint: /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ ipsec-vpn-services/default/local-endpoints/<local-endpoint-id>. If an object with the same "local_address" already exists, then it will be re-used. - IPSecVpnSession: /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ ipsec-vpn-services/default/sessions/L3VPN_<l3vpn-id>. operationId: CreateOrPatchL3Vpn parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l3vpn-id required: true type: string - in: body name: L3Vpn required: true schema: $ref: '#/definitions/L3Vpn' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an L3Vpn tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Tier-0 Gateways x-vmw-nsx-module: PolicyL3Vpn put: consumes: - application/json description: | Create a new L3Vpn if the L3Vpn with given id does not already exist. If the L3Vpn with the given id already exists, replace the existing L3Vpn. This a full replace. This API is deprecated. Please use the following APIs instead: - PUT /infra/ipsec-vpn-tunnel-profiles/<tunnel-profile-id> to update the IPSecVpnTunnelProfile. - PUT /infra/ipsec-vpn-ike-profiles/<ike-profile-id> to update the IPSecVpnIkeProfile. - PUT /infra/ipsec-vpn-dpd-profiles/<dpd-profile-id> to update the IPSecVpnDpdProfile. - PUT /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/local-endpoints/<local-endpoint-id> to update the IPSecVpnLocalEndpoint. - PUT /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/sessions/<l3vpn-id> to update the IPSecVpnSession. If used, this deprecated API will result in the following objects being internally created/updated: - IPSecVpnTunnelProfile: /infra/ipsec-vpn-tunnel-profiles/L3VPN_<l3vpn-id>. - IPSecVpnIkeProfile: /infra/ipsec-vpn-ike-profiles/L3VPN_<l3vpn-id>. - IPSecVpnDpdProfile: /infra/ipsec-vpn-dpd-profiles/L3VPN_<l3vpn-id>. - IPSecVpnLocalEndpoint: /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ ipsec-vpn-services/default/local-endpoints/<local-endpoint-id>. If an object with the same "local_address" already exists, then it will be re-used. - IPSecVpnSession: /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ ipsec-vpn-services/default/sessions/L3VPN_<l3vpn-id>. operationId: CreateOrReplaceL3Vpn parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l3vpn-id required: true type: string - in: body name: L3Vpn required: true schema: $ref: '#/definitions/L3Vpn' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L3Vpn' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace an L3Vpn tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Tier-0 Gateways x-vmw-nsx-module: PolicyL3Vpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l3vpns/{l3vpn-id}/peer-config: get: consumes: - application/json description: | Get the L3Vpn Configuration for the peer site. Peer config contains PSK; be careful when sharing or storing it. - no enforcement point path specified: L3Vpn Peer Config will be evaluated on each enforcement point. - {enforcement_point_path}: L3Vpn Peer Config is evaluated only on the given enforcement point. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/locale-services/ <locale-service-id>/ipsec-vpn-services/default/sessions/L3VPN_<l3vpn-id>/peer-config instead. operationId: ReadL3VpnPeerConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l3vpn-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - text/plain; charset=utf-8 responses: '200': description: OK schema: type: string '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Download L3Vpn Config for Remote Site tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Tier-0 Gateways x-vmw-nsx-module: PolicyL3Vpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l3vpns/{l3vpn-id}/statistics: get: consumes: - application/json description: | Get statistics of an L3Vpn. - no enforcement point path specified: Stats will be evaluated on each enforcement point. - {enforcement_point_path}: Stats are evaluated only on the given enforcement point. This API is deprecated. Please use GET /infra/tier-0s/<tier-0-id>/locale-services/ <locale-service-id>/ipsec-vpn-services/default/sessions/L3VPN_<l3vpn-id>/statistics instead. operationId: GetL3VpnStatistics parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l3vpn-id required: true type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL3VpnStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L3Vpn statistics tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/l3vpns/{l3vpn-id}?action=show_sensitive_data: get: consumes: - application/json description: | Read the L3Vpn with the given id. Sensitive data is returned as part of the response. This API is deprecated. Please use the following APIs instead: - GET /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/sessions/L3VPN_<l3vpn-id>?action=show_sensitive_data to get the associated IPSecVpnSession. - GET /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/local-endpoints/<local-endpoint-id> to get the associated IPSecVpnLocalEndpoint. - GET /infra/ipsec-vpn-tunnel-profiles/L3VPN_<l3vpn-id> to get the associated IPSecVpnTunnelProfile. - GET /infra/ipsec-vpn-ike-profiles/L3VPN_<l3vpn-id> to get the associated IPSecVpnIkeProfile. - GET /infra/ipsec-vpn-dpd-profiles/L3VPN_<l3vpn-id> to get the associated IPSecVpnDpdProfile. If used, this deprecated API will not return L3Vpn with <l3vpn-id> id unless the associated IPSecVpnSession with L3VPN_<l3vpn-id> id exists. For example, if the IPSecVpnSession gets deleted using DELETE /infra/tier-0s/<tier-0-id>/locale-services/<locale-service-id>/ipsec-vpn-services/ default/sessions/L3VPN_<l3vpn-id>, the deprecated API will throw an ObjectNotFoundException. operationId: ReadL3VpnWithSensitiveData parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: l3vpn-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L3Vpn' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read an L3Vpn tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Tier-0 Gateways x-vmw-nsx-module: PolicyL3Vpn /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ospf: get: consumes: - application/json description: | Read OSPF routing config operationId: ReadOspfRoutingConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OspfRoutingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read OSPF routing config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyOspf patch: consumes: - application/json description: | If OSPF routing config is not already present, create OSPF routing config. If it already exists, replace the OSPF routing config with this object. operationId: PatchOspfRoutingConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: body name: OspfRoutingConfig required: true schema: $ref: '#/definitions/OspfRoutingConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OspfRoutingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a OSPF routing config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyOspf put: consumes: - application/json description: | If OSPF routing config is not already present, create OSPF routing config. If it already exists, replace the OSPF routing config with this object. operationId: CreateOrReplaceOspfRoutingConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: body name: OspfRoutingConfig required: true schema: $ref: '#/definitions/OspfRoutingConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OspfRoutingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a OSPF routing config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyOspf /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ospf/areas: get: consumes: - application/json description: | List all OSPF area configurations. operationId: ListPolicyOspfAreaConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OspfAreaConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List OSPF area configurations tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyOspf /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ospf/areas/{area-id}: delete: consumes: - application/json description: | Delete OSPF Area config operationId: DeleteOspfAreaConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: area-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete OSPF Area config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyOspf get: consumes: - application/json description: | Read OSPF Area config operationId: ReadOspfAreaConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: area-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OspfAreaConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read OSPF Area config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyOspf patch: consumes: - application/json description: | If OSPF Area config is not already present, create OSPF Area config. If it already exists, replace the OSPF Area config with this object. operationId: PatchOspfAreaConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: area-id required: true type: string - in: body name: OspfAreaConfig required: true schema: $ref: '#/definitions/OspfAreaConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OspfAreaConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a OSPF Area config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyOspf put: consumes: - application/json description: | If OSPF Area config is not already present, create OSPF Area config. If it already exists, replace the OSPF Area config with this object. operationId: CreateOrReplaceOspfAreaConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: area-id required: true type: string - in: body name: OspfAreaConfig required: true schema: $ref: '#/definitions/OspfAreaConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OspfAreaConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a OSPF Area config tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyOspf /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ospf/database: get: consumes: - application/json description: | Get OSPF database information. operationId: GetOspfDatabase parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: OSPF area identifier in: query name: area_id required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyOspfDatabaseListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get OSPF database information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ospf/database?format=csv: get: consumes: - application/json description: | Get OSPF Database information in CSV format. operationId: GetOspfDatabaseInCsvFormat parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: OSPF area identifier in: query name: area_id required: false type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/OspfDatabaseListResultInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get OSPF Database information in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ospf/neighbors: get: consumes: - application/json description: | Get OSPF neighbor information. operationId: GetOspfNeighbors parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPv4 or IPv6 address format: ip in: query name: neighbor_address required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OspfNeighborsStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get OSPF neighbor information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ospf/routes: get: consumes: - application/json description: | Get OSPF route information. operationId: GetOspfRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge in: query name: edge_path required: false type: string - description: Enforcement point path in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: CIDR network address in: query name: network_prefix required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/OspfRoutesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get OSPF route information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/ospf/routes?format=csv: get: consumes: - application/json description: | Get OSPF route information in CSV format. operationId: GetOspfRoutesInCsvFormat parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge in: query name: edge_path required: false type: string - description: Enforcement point path in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: CIDR network address in: query name: network_prefix required: false type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/OspfRoutesListResultInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get OSPF route information in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - OSPF x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/service-instances: get: consumes: - application/json description: |- Read all service instance objects under a tier-0 operationId: ReadAllPolicyServiceInstancesForTier0 parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceInstanceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read all service instance objects under a tier-0 tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/service-instances/{service-instance-id}: delete: consumes: - application/json description: |- Delete policy service instance operationId: DeletePolicyServiceInstance parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete policy service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- Read service instance operationId: ReadPolicyServiceInstance parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceInstance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create Service Instance. Please note that, only display_name, description and deployment_spec_name are allowed to be modified in an exisiting entity. If the deployment spec name is changed, it will trigger the upgrade operation for the SVMs. operationId: PatchPolicyServiceInstance parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - in: body name: PolicyServiceInstance required: true schema: $ref: '#/definitions/PolicyServiceInstance' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create service instance. Please note that, only display_name, description and deployment_spec_name are allowed to be modified in an exisiting entity. If the deployment spec name is changed, it will trigger the upgrade operation for the SVMs. operationId: CreatePolicyServiceInstance parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - in: body name: PolicyServiceInstance required: true schema: $ref: '#/definitions/PolicyServiceInstance' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceInstance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/service-instances/{service-instance-id}/statistics: get: consumes: - application/json description: | Get statistics for all data NICs on all runtimes associated with this PolicyServiceInstance. operationId: GetPolicyServiceInstanceStatistics parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceInstanceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get statistics for all runtimes associated with this PolicyServiceInstance tags: - Policy - Security - Service Insertion - Statistics x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/service-instances/{service-instance-id}?action=reauth: post: consumes: - application/json description: | Use this API when an alarm complaining JWT expiry is raised while deploying partner service VM. The OVF for partner service needs to be downloaded from partner services provider. It might be possible that the authentication token for this communication is expired when the service VM deployment starts. That will either require re-login through UI or use of this API. Certain authentication and authorization steps are internally processed in order to enable communication with partner service provider. This API offers the functionality to re-establish communication with partner services provider. This API needs open id and access token to be passed as headers. Those can be obtained from CSP authorize API. Please make sure to pass headers - Authorization:<Bearer ACCESS_TOKEN> and X-NSX-OpenId:<OPEN_ID>. operationId: RenewAuthenticationTokensForPolicyServiceInstance parameters: - description: |- Tier-0 id in: path name: tier-0-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': description: Internal Server Error '503': $ref: '#/responses/ServiceUnavailable' summary: |- Renew the authentication tokens tags: - Policy - Security - Service Insertion - Service Instances - Tier-0 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/service-interfaces: get: consumes: - application/json description: | Paginated list of all Service Interfaces operationId: ListServiceInterfaces parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInterfaceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Service Interfaces tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/service-interfaces/{interface-id}: delete: consumes: - application/json description: |- Delete service interface operationId: DeleteServiceInterface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete service interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read service interface operationId: ReadServiceInterface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInterface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read service interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If an interface with the interface-id is not already present, create a new interface. If it already exists, update the interface for specified attributes. operationId: PatchServiceInterface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - in: body name: ServiceInterface required: true schema: $ref: '#/definitions/ServiceInterface' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If an interface with the interface-id is not already present, create a new interface. Modification of service interface is not allowed. operationId: CreateServiceInterface parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - in: body name: ServiceInterface required: true schema: $ref: '#/definitions/ServiceInterface' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInterface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a service interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/tier-0-deployment-maps: get: consumes: - application/json description: | Paginated list of all Tier-0 Deployment Entries. operationId: ListTier0DeploymentMaps parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0DeploymentMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-0 Deployment maps tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/tier-0s/{tier-0-id}/locale-services/{locale-service-id}/tier-0-deployment-maps/{tier-0-deployment-map-id}: delete: consumes: - application/json description: |- Delete Tier-0 Deployment Map operationId: DeleteTier0DeploymentMap parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: tier-0-deployment-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier-0 Deployment Map tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement get: consumes: - application/json description: | Read a Tier-0 Deployment Map operationId: ReadTier0DeploymentMap parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: tier-0-deployment-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0DeploymentMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a Tier-0 Deployment Map tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement patch: consumes: - application/json description: | If the passed Tier-0 Deployment Map does not already exist, create a new Tier-0 Deployment Map. If it already exists, patch it. operationId: PatchTier0DeploymentMap parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: tier-0-deployment-map-id required: true type: string - in: body name: Tier0DeploymentMap required: true schema: $ref: '#/definitions/Tier0DeploymentMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0DeploymentMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a Tier-0 Deployment Map under Tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement put: consumes: - application/json description: | If the passed Tier-0 Deployment Map does not already exist, create a new Tier-0 Deployment Map. If it already exists, replace it. operationId: CreateOrUpdateTier0DeploymentMap parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: tier-0-deployment-map-id required: true type: string - in: body name: Tier0DeploymentMap required: true schema: $ref: '#/definitions/Tier0DeploymentMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0DeploymentMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a new Tier-0 Deployment Map under Tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Deployment Maps x-vmw-nsx-module: PolicyEnforcementPointManagement /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}: delete: consumes: - application/json description: |- Delete Tier-0 locale-services operationId: DeleteTier0LocaleServices parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier-0 locale-services tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Locale Services x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Tier-0 locale-services operationId: ReadTier0LocaleServices parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LocaleServices' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-0 locale-services tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Locale Services x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a Tier-0 locale-services with the locale-services-id is not already present, create a new locale-services. If it already exists, update Tier-0 locale-services with specified attributes. operationId: PatchTier0LocaleServices parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: body name: LocaleServices required: true schema: $ref: '#/definitions/LocaleServices' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a tier-0 locale-services tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Locale Services x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a Tier-0 locale-services with the locale-services-id is not already present, create a new locale-services. If it already exists, replace the Tier-0 locale-services instance with the new object. operationId: CreateOrReplaceTier0LocaleServices parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: body name: LocaleServices required: true schema: $ref: '#/definitions/LocaleServices' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LocaleServices' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 locale-services tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Locale Services x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/evpn-tunnel-endpoints: get: consumes: - application/json description: | List all evpn tunnel endpoint configuration. operationId: ListEvpnTunnelEndpointConfig parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EvpnTunnelEndpointConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List evpn tunnel endpoint configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - EVPN Setting - EVPN Tunnel Endpoints x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/evpn-tunnel-endpoints/{tunnel-endpoint-id}: delete: consumes: - application/json description: |- Delete evpn tunnel endpoint configuration. operationId: DeleteEvpnTunnelEndpointConfig parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - description: |- locale services id in: path name: locale-services-id required: true type: string - description: |- tunnel endpoint id in: path name: tunnel-endpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete evpn tunnel endpoint configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - EVPN Setting - EVPN Tunnel Endpoints x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Read evpn tunnel endpoint configuration. operationId: ReadEvpnTunnelEndpointConfig parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - description: |- locale services id in: path name: locale-services-id required: true type: string - description: |- tunnel endpoint id in: path name: tunnel-endpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EvpnTunnelEndpointConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read evpn tunnel endpoint configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - EVPN Setting - EVPN Tunnel Endpoints x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | Create a evpn tunnel endpoint config if the tunnel-endpoint-id is not already present, otherwise update the tunnel endpoint configuration. operationId: PatchEvpnTunnelEndpointConfig parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - description: |- locale services id in: path name: locale-services-id required: true type: string - description: |- tunnel endpoint id in: path name: tunnel-endpoint-id required: true type: string - in: body name: EvpnTunnelEndpointConfig required: true schema: $ref: '#/definitions/EvpnTunnelEndpointConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update evpn tunnel endpoint configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - EVPN Setting - EVPN Tunnel Endpoints x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | Create or update evpn tunnel endpoint configuration. operationId: CreateOrUpdateEvpnTunnelEndpointConfig parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - description: |- locale services id in: path name: locale-services-id required: true type: string - description: |- tunnel endpoint id in: path name: tunnel-endpoint-id required: true type: string - in: body name: EvpnTunnelEndpointConfig required: true schema: $ref: '#/definitions/EvpnTunnelEndpointConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/EvpnTunnelEndpointConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update evpn tunnel endpoint configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - EVPN Setting - EVPN Tunnel Endpoints x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/gateway-firewall: get: consumes: - application/json description: | Get filtered view of Gateway Firewall rules associated with the Tier-0 Locale Services. The gateway policies are returned in the order of category and sequence number. operationId: ViewTier0LocaleServicesGatewayFirewall parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get list of gateway policies with rules that belong to the specific Tier-0 LocalServices. tags: - Policy - Security - North South Security - Gateway Firewall - Tier-0 Gateways x-vmw-nsx-module: PolicyEdgeFirewall /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/multicast: get: consumes: - application/json description: | Read Multicast Configuration. operationId: ReadPolicyMulticastConfig parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - description: |- locale services id in: path name: locale-services-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyMulticastConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Multicast Configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyMulticast patch: consumes: - application/json description: | Create or update a Tier-0 multicast configuration defining the multicast replication range, the IGMP or a PIM profile. It will update the configuration if there is already one in place. operationId: PatchPolicyMulticastConfig parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - description: |- locale services id in: path name: locale-services-id required: true type: string - in: body name: PolicyMulticastConfig required: true schema: $ref: '#/definitions/PolicyMulticastConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update multicast configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyMulticast put: consumes: - application/json description: | Create or update a Tier-0 multicast configuration defining the multicast replication range, the IGMP or a PIM profile. It will update the configuration if there is already one in place. operationId: CreateOrUpdatePolicyMulticastConfig parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - description: |- locale services id in: path name: locale-services-id required: true type: string - in: body name: PolicyMulticastConfig required: true schema: $ref: '#/definitions/PolicyMulticastConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyMulticastConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update multicast configuration tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyMulticast /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/multicast/forwarding: get: consumes: - application/json description: | Get Multicast Forwarding. operationId: GetPolicyMulticastForwarding parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyMulticastForwarding' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Multicast Forwarding tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/multicast/forwarding?format=csv: get: consumes: - application/json description: | Get Multicast Forwarding In CSV Format. operationId: GetPolicyMulticastForwardingInCsvFormat parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyMulticastForwardingInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Multicast Forwarding In Csv Format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/multicast/igmp-memberships: get: consumes: - application/json description: | Get Igmp Memberships. operationId: GetPolicyIgmpMemberships parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IgmpMemberships' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IGMP Memberships tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/multicast/igmp-memberships?format=csv: get: consumes: - application/json description: | Get Igmp Memberships in CSV format. operationId: GetPolicyIgmpMembershipsInCsvFormat parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/IgmpMembershipsInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IGMP Memberships in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/multicast/pim-rp-mappings: get: consumes: - application/json description: | Get PIM Rendezvous Point Mappings. operationId: GetPolicyPimRpMappings parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PimRpMappings' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get PIM Rendezvous Point Mappings tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/multicast/pim-rp-mappings?format=csv: get: consumes: - application/json description: | Get PIM Rendezvous Point Mappings In CSV Format. operationId: GetPolicyPimRpMappingsInCsvFormat parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PimRpMappingsInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get PIM Rendezvous Point Mappings In CSV Format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/multicast/routes: get: consumes: - application/json description: | Get Multicast Routes. operationId: GetPolicyMulticastRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyMulticastRoutes' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Multicast Routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/locale-services/{locale-services-id}/multicast/routes?format=csv: get: consumes: - application/json description: | Get Multicast Routes in CSV Format. operationId: GetPolicyMulticastRoutesInCsvFormat parameters: - in: path name: tier-0-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyMulticastRoutesInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Multicast Routes in Csv Format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/nat: get: consumes: - application/json description: | List all NAT sections under the given Tier-0 ID. For more details related to NAT section please refer to PolicyNAT schema. operationId: ListPolicyNatOnTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Policy NAT types. tags: - Policy - Networking - Network Services - NAT - Rules - Tier-0 Gateways x-vmw-nsx-module: PolicyNAT /infra/tier-0s/{tier-0-id}/nat/statistics: get: consumes: - application/json description: |- List NAT Rules Statistics from Tier-0 denoted by Tier-0 ID. operationId: ListPolicyNatRulesStatisticsFromTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleStatisticsPerLogicalRouterListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List NAT Rules Statistics tags: - Policy - Networking - Network Services - NAT - Statistics x-vmw-nsx-module: PolicyNAT /infra/tier-0s/{tier-0-id}/nat/{nat-id}/nat-rules: get: consumes: - application/json description: | List NAT Rules from Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PATCH/PUT API, the path returned in the GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: ListPolicyNatRulesFromTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List NAT Rules tags: - Policy - Networking - Network Services - NAT - Rules - Tier-0 Gateways x-vmw-nsx-module: PolicyNAT /infra/tier-0s/{tier-0-id}/nat/{nat-id}/nat-rules/{nat-rule-id}: delete: consumes: - application/json description: |- Delete NAT Rule from Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. operationId: DeletePolicyNatRuleFromTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete NAT Rule tags: - Policy - Networking - Network Services - NAT - Rules - Tier-0 Gateways x-vmw-nsx-module: PolicyNAT get: consumes: - application/json description: | Get NAT Rule from Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PUT/PATCH API, the path returned in the GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: GetPolicyNatRuleFromTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NAT Rule tags: - Policy - Networking - Network Services - NAT - Rules - Tier-0 Gateways x-vmw-nsx-module: PolicyNAT patch: consumes: - application/json description: | If a NAT Rule is not already present on Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>, create a new NAT Rule. If it already exists, update the NAT Rule. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PATCH API, the path returned in the GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: PatchPolicyNatRuleOnTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string - in: body name: PolicyNatRule required: true schema: $ref: '#/definitions/PolicyNatRule' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a NAT Rule on tier-0 tags: - Policy - Networking - Network Services - NAT - Rules - Tier-0 Gateways x-vmw-nsx-module: PolicyNAT put: consumes: - application/json description: | Update NAT Rule on Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PUT API, the path returned in the PUT/GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: CreateOrReplacePolicyNatRuleOnTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string - in: body name: PolicyNatRule required: true schema: $ref: '#/definitions/PolicyNatRule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update NAT Rule tags: - Policy - Networking - Network Services - NAT - Rules - Tier-0 Gateways x-vmw-nsx-module: PolicyNAT /infra/tier-0s/{tier-0-id}/nat/{nat-id}/nat-rules/{nat-rule-id}/statistics: get: consumes: - application/json description: | Get NAT Rule Statistics from Tier-0 denoted by Tier-0 ID, under NAT section denoted by <nat-id>. Under tier-0 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. operationId: GetPolicyNatRuleStatisticsFromTier0 parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string - description: Action on statistics enum: - aggregate in: query name: action required: false type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NAT Rule Statistics tags: - Policy - Networking - Network Services - NAT - Statistics x-vmw-nsx-module: PolicyNAT /infra/tier-0s/{tier-0-id}/prefix-lists: get: consumes: - application/json description: | Paginated list of all prefix lists operationId: ListPrefixLists parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PrefixListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List prefix lists tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Prefix List x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/prefix-lists/{prefix-list-id}: delete: consumes: - application/json description: |- Delete a prefix list operationId: DeletePrefixList parameters: - in: path name: tier-0-id required: true type: string - in: path name: prefix-list-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a prefix list tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Prefix List x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read a prefix list operationId: ReadPrefixList parameters: - in: path name: tier-0-id required: true type: string - in: path name: prefix-list-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PrefixList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a prefix list tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Prefix List x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If prefix list for prefix-list-id is not already present, create a prefix list. If it already exists, patch prefix list for prefix-list-id. Note: Patching existing prefix-list's "prefixes" property will overwrite the existing prefixes. GET and PATCH is the expected set of operations to update or append new entries to the existig prefixes. Patching existing prefixes require order to be preserved to avoid traffic impact. During PATCH operation, reordering of existing prefixes may impact routes and eventually datapath. Order here is crucial and it all depends upon action. If action for every prefix is PERMIT then order may not impact but if there is DENY prefix then change in ordering could lead to traffic impact. operationId: PatchPrefixList parameters: - in: path name: tier-0-id required: true type: string - in: path name: prefix-list-id required: true type: string - in: body name: PrefixList required: true schema: $ref: '#/definitions/PrefixList' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch a prefix list tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Prefix List x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If prefix list for prefix-list-id is not already present, create a prefix list. If it already exists, replace the prefix list for prefix-list-id. Note: Updating existing prefixes require order to be preserved to avoid traffic impact. During PATCH operation, reordering of existing prefixes may impact routes and eventually datapath. Order here is crucial and it all depends upon action. If action for every prefix is PERMIT then order may not impact but if there is DENY prefix then change in ordering could lead to traffic impact. operationId: CreateOrReplacePrefixList parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- Prefix List ID in: path name: prefix-list-id required: true type: string - in: body name: PrefixList required: true schema: $ref: '#/definitions/PrefixList' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PrefixList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a prefix list tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Prefix List x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/route-maps: get: consumes: - application/json description: | Paginated list of all route maps under a tier-0 operationId: ListAllRouteMaps parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0RouteMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List route maps tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Route Maps x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/route-maps/{route-map-id}: delete: consumes: - application/json description: |- Delete a route map operationId: RemoveRouteMap parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a route map tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Route Maps x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read a route map operationId: GetRouteMap parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0RouteMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a route map tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Route Maps x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a route map with the route-map-id is not already present, create a new route map. If it already exists, update the route map for specified attributes. operationId: PatchRouteMap parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-map-id required: true type: string - in: body name: Tier0RouteMap required: true schema: $ref: '#/definitions/Tier0RouteMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a route map tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Route Maps x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a route map with the route-map-id is not already present, create a new route map. If it already exists, replace the route map instance with the new object. operationId: CreateOrReplaceRouteMap parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-map-id required: true type: string - in: body name: Tier0RouteMap required: true schema: $ref: '#/definitions/Tier0RouteMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0RouteMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a route map tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Route Maps x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/routing-table: get: consumes: - application/json description: | Get routing table from tier-0 operationId: GetTier0Routes parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoutingTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get routing table from tier-0 tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Routing Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/routing-table?format=csv: get: consumes: - application/json description: | Get routing table from tier-0 gateway in CSV format. operationId: GetTier0RoutesCsv parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/GatewayRouteTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get routing table from tier-0 in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Routing Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/security-config: delete: consumes: - application/json description: |- Delete security config operationId: DeleteTier0SecurityFeature parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Collection of T0 supported security features enum: - IDFW in: query name: feature required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete security config tags: - Policy - Security - North South Security - Gateway Firewall - Settings - Security Configuration x-vmw-nsx-module: PolicyGatewaySecurityFeature get: consumes: - application/json description: | Read Security Feature. operationId: ReadTier0SecurityFeature parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Collection of T0 supported security features enum: - IDFW in: query name: feature required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0SecurityFeatures' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Security Feature tags: - Policy - Security - North South Security - Gateway Firewall - Settings - Security Configuration x-vmw-nsx-module: PolicyGatewaySecurityFeature patch: consumes: - application/json description: | Create a T0 security configuration if it is not already present, otherwise update the security onfiguration. operationId: PatchTier0SecurityFeature parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - in: body name: Tier0SecurityFeatures required: true schema: $ref: '#/definitions/Tier0SecurityFeatures' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0SecurityFeatures' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update security configuration tags: - Policy - Security - North South Security - Gateway Firewall - Settings - Security Configuration x-vmw-nsx-module: PolicyGatewaySecurityFeature put: consumes: - application/json description: | Create or update security configuration. operationId: CreateOrUpdateTier0SecurityFeature parameters: - description: |- tier0 id in: path name: tier-0-id required: true type: string - in: body name: Tier0SecurityFeatures required: true schema: $ref: '#/definitions/Tier0SecurityFeatures' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0SecurityFeatures' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update security configuration tags: - Policy - Security - North South Security - Gateway Firewall - Settings - Security Configuration x-vmw-nsx-module: PolicyGatewaySecurityFeature /infra/tier-0s/{tier-0-id}/state: get: consumes: - application/json description: | Returns operationId: GetTier0State parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Interface path for interface specific state such as IPv6 DAD state in: query name: interface_path type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Returns specific information based on the value specified. enum: - GATEWAY_STATE - GATEWAY_STATUS - IPV6_STATUS in: query name: type type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier0GatewayState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier0 state tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/static-routes: get: consumes: - application/json description: | Paginated list of all Tier-0 Static Routes operationId: ListTier0StaticRoutes parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-0 Static Routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/static-routes/bfd-peers: get: consumes: - application/json description: | Paginated list of all StaticRouteBfdPeers. operationId: ListStaticRouteBfdPeer parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRouteBfdPeerListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List StaticRouteBfdPeers tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes BFD Peers x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/static-routes/bfd-peers/{bfd-peer-id}: delete: consumes: - application/json description: |- Delete this StaticRouteBfdPeer and all the entities contained by it. operationId: DeleteStaticRouteBfdPeer parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- BFD peer ID in: path name: bfd-peer-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete this StaticRouteBfdPeer and all the entities contained by it. tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes BFD Peers x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Read a StaticRouteBfdPeer with the bfd-peer-id. operationId: ReadStaticRouteBfdPeer parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- BFD peer ID in: path name: bfd-peer-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRouteBfdPeer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read a StaticRouteBfdPeer tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes BFD Peers x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a StaticRouteBfdPeer with the bfd-peer-id is not already present, create a new StaticRouteBfdPeer. If it already exists, update the StaticRouteBfdPeer. This is a full replace. operationId: PatchStaticRouteBfdPeer parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- BFD peer ID in: path name: bfd-peer-id required: true type: string - in: body name: StaticRouteBfdPeer required: true schema: $ref: '#/definitions/StaticRouteBfdPeer' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a StaticRouteBfdPeer tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes BFD Peers x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a StaticRouteBfdPeer with the bfd-peer-id is not already present, create a new StaticRouteBfdPeer. If it already exists, update the StaticRouteBfdPeer. This operation will fully replace the object. operationId: UpdateStaticRouteBfdPeer parameters: - description: |- Tier-0 ID in: path name: tier-0-id required: true type: string - description: |- BFD peer ID in: path name: bfd-peer-id required: true type: string - in: body name: StaticRouteBfdPeer required: true schema: $ref: '#/definitions/StaticRouteBfdPeer' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRouteBfdPeer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a StaticRouteBfdPeer tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes BFD Peers x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/static-routes/{route-id}: delete: consumes: - application/json description: |- Delete Tier-0 static routes operationId: DeleteTier0StaticRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier-0 static routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Tier-0 static routes operationId: ReadTier0StaticRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutes' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-0 static routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If static routes for route-id are not already present, create static routes. If it already exists, update static routes for route-id. operationId: PatchTier0StaticRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-id required: true type: string - in: body name: StaticRoutes required: true schema: $ref: '#/definitions/StaticRoutes' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 static routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If static routes for route-id are not already present, create static routes. If it already exists, replace the static routes for route-id. operationId: CreateOrReplaceTier0StaticRoutes parameters: - in: path name: tier-0-id required: true type: string - in: path name: route-id required: true type: string - in: body name: StaticRoutes required: true schema: $ref: '#/definitions/StaticRoutes' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutes' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-0 static routes tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier-0-id}/tier-1-interface/arp-table: get: consumes: - application/json description: | Get tier-0 interface arp information. operationId: GetTier0RouterLinkArpTable parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Policy path of tier1 in: query name: tier1_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 router link arp information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/tier-1-interface/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the tier-0 router link interface, on a edge node. The edge_path parameter is mandatory if the interface type is not EXTERNAL. operationId: GetTier0RouterLinkArpTableCsv parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Policy path of tier1 in: query name: tier1_path required: true type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-0 router link interface in CSV format tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/tier-1-interface/statistics: get: consumes: - application/json description: | Get tier-0 interface statistics information. operationId: GetTier0RouterLinkStatistics parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Policy path of tier1 in: query name: tier1_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 router link statistics information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}/tier-1-interface/statistics/summary: get: consumes: - application/json description: | Get tier-0 interface statistics summary information. operationId: GetTier0RouterLinkSummaryStatistics parameters: - in: path name: tier-0-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Policy path of tier1 in: query name: tier1_path required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-0 router link statistics summary information tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-0s/{tier-0-id}?action=reprocess: post: consumes: - application/json description: | Reprocess Tier0 gateway configuration and configuration of related entities like Tier0 interfaces and static routes, etc. Any missing Updates are published to NSX controller. operationId: Tier0GatewayReprocess parameters: - in: path name: tier-0-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reprocess Tier0 gateway configuration and publish updates to NSX controller tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Tier-0 Gateways x-vmw-nsx-module: PolicyConnectivity /infra/tier-0s/{tier0-id}/flood-protection-profile-bindings/{flood-protection-profile-binding-id}: delete: consumes: - application/json description: |- API will delete Flood Protection Profile Binding for Tier-0 Logical Router. operationId: DeleteTier0FloodProtectionProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Flood Protection Profile Binding for Tier-0 Logical Router tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding get: consumes: - application/json description: | API will get Flood Protection Profile Binding Map for Tier-0 Logical Router. operationId: GetTier0FloodProtectionProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Flood Protection Profile Binding Map for Tier-0 Logical Router tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding patch: consumes: - application/json description: |- API will create or update Flood Protection profile binding map for Tier-0 Logical Router. operationId: PatchTier0FloodProtectionProfileBindingMap parameters: - in: path name: tier0-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string - in: body name: FloodProtectionProfileBindingMap required: true schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Flood Protection Profile Binding Map for Tier-0 Logical Router tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding put: consumes: - application/json description: |- API will create or update Flood Protection profile binding map for Tier-0 Logical Router. operationId: UpdateTier0FloodProtectionProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string - in: body name: FloodProtectionProfileBindingMap required: true schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Flood Protection Profile Binding Map for Tier-0 Logical Router tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding ? /infra/tier-0s/{tier0-id}/locale-services/{locale-services-id}/flood-protection-profile-bindings/{flood-protection-profile-binding-id} : delete: consumes: - application/json description: |- API will delete Flood Protection Profile Binding for Tier-0 Logical Router LocaleServices. operationId: DeleteTier0LocaleServicesFloodProtectionProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Flood Protection Profile Binding for Tier-0 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding get: consumes: - application/json description: | API will get Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices. operationId: GetTier0LocaleServicesFloodProtectionProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding patch: consumes: - application/json description: |- API will create or update Flood Protection profile binding map for Tier-0 Logical Router LocaleServices. operationId: PatchTier0LocaleServicesFloodProtectionProfileBindingMap parameters: - in: path name: tier0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string - in: body name: FloodProtectionProfileBindingMap required: true schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding put: consumes: - application/json description: |- API will create or update Flood Protection profile binding map for Tier-0 Logical Router LocaleServices. operationId: UpdateTier0LocaleServicesFloodProtectionProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string - in: body name: FloodProtectionProfileBindingMap required: true schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Flood Protection Profile Binding Map for Tier-0 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding ? /infra/tier-0s/{tier0-id}/locale-services/{locale-services-id}/session-timer-profile-bindings/{session-timer-profile-binding-id} : delete: consumes: - application/json description: |- API will delete Session Timer Profile Binding for Tier-0 Logical Router LocaleServices. operationId: DeleteTier0LocaleServicesSessionTimerProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Session Timer Profile Binding for Tier-0 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding get: consumes: - application/json description: | API will get Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices. operationId: GetTier0LocaleServicesSessionTimerProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding patch: consumes: - application/json description: |- API will create or update Session Timer profile binding map for Tier-0 Logical Router LocaleServices. operationId: PatchTier0LocalServicesSessionTimerProfileBindingMap parameters: - in: path name: tier0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string - in: body name: SessionTimerProfileBindingMap required: true schema: $ref: '#/definitions/SessionTimerProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding put: consumes: - application/json description: |- API will create or update Session Timer profile binding map for Tier-0 Logical Router LocaleServices. operationId: UpdateTier0LocaleServicesSessionTimerProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string - in: body name: SessionTimerProfileBindingMap required: true schema: $ref: '#/definitions/SessionTimerProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Session Timer Profile Binding Map for Tier-0 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding /infra/tier-0s/{tier0-id}/session-timer-profile-bindings/{session-timer-profile-binding-id}: delete: consumes: - application/json description: |- API will delete Session Timer Profile Binding for Tier-0 Logical Router. operationId: DeleteTier0SessionTimerProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Session Timer Profile Binding for Tier-0 Logical Router tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding get: consumes: - application/json description: | API will get Session Timer Profile Binding Map for Tier-0 Logical Router. operationId: GetTier0SessionTimerProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Session Timer Profile Binding Map for Tier-0 Logical Router tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding patch: consumes: - application/json description: |- API will create or update Session Timer profile binding map for Tier-0 Logical Router. operationId: PatchTier0SessionTimerProfileBindingMap parameters: - in: path name: tier0-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string - in: body name: SessionTimerProfileBindingMap required: true schema: $ref: '#/definitions/SessionTimerProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Session Timer Profile Binding Map for Tier-0 Logical Router tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding put: consumes: - application/json description: |- API will create or update Session Timer profile binding map for Tier-0 Logical Router. operationId: UpdateTier0SessionTimerProfileBinding parameters: - in: path name: tier0-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string - in: body name: SessionTimerProfileBindingMap required: true schema: $ref: '#/definitions/SessionTimerProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Session Timer Profile Binding Map for Tier-0 Logical Router tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding /infra/tier-1s: get: consumes: - application/json description: | Paginated list of all Tier-1 instances operationId: ListTier1 parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1ListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-1 instances tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Gateways x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}: delete: consumes: - application/json description: |- Delete Tier-1 configuration operationId: DeleteTier1 parameters: - in: path name: tier-1-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier-1 configuration tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Gateways x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Tier-1 configuration operationId: ReadTier1 parameters: - in: path name: tier-1-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-1 configuration tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Gateways x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If Tier-1 with the tier-1-id is not already present, create a new Tier-1 instance. If it already exists, update the tier-1 instance with specified attributes. operationId: PatchTier1 parameters: - in: path name: tier-1-id required: true type: string - in: body name: Tier1 required: true schema: $ref: '#/definitions/Tier1' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Tier-1 configuration tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Gateways x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If Tier-1 with the tier-1-id is not already present, create a new Tier-1 instance. If it already exists, replace the Tier-1 instance with this object. operationId: CreateOrReplaceTier1 parameters: - in: path name: tier-1-id required: true type: string - in: body name: Tier1 required: true schema: $ref: '#/definitions/Tier1' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update tier-1 configuration tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Gateways x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/arp-proxies: get: consumes: - application/json description: | Returns ARP proxy table for a tier-1 operationId: GetTier1GatewayArpProxies parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-1 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/arp-proxies?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for a tier-1 in CSV format operationId: GetTier1GatewayArpProxiesInCsv parameters: - in: path name: tier-1-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 Address Resolution Protocol Proxies in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/dns-forwarder: delete: consumes: - application/json description: |- Delete DNS configuration for tier-1 instance operationId: DeletePolicyDnsForwarderOnTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DNS configuration for tier-1 instance tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDnsForwarder get: consumes: - application/json description: |- Read the DNS Forwarder for the given tier-1 instance operationId: ReadPolicyDnsForwarderOnTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarder' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read the DNS Forwarder for the given tier-1 instance tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDnsForwarder patch: consumes: - application/json description: |- Create or update the DNS Forwarder operationId: PatchPolicyDnsForwarderOnTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - in: body name: PolicyDnsForwarder required: true schema: $ref: '#/definitions/PolicyDnsForwarder' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update the DNS Forwarder tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDnsForwarder post: consumes: - application/json description: | Perform the specified action for Tier0 DNS forwarder on specified enforcement point. operationId: PerformEPActionForDnsForwarderAtTier1 parameters: - in: path name: tier-1-id required: true type: string - description: An action to be performed for DNS forwarder on EP enum: - clear_cache in: query name: action required: true type: string - default: /infra/sites/default/enforcement-points/default description: An enforcement point path, on which the action is to be performed in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Perform the specified DNS forwarder action tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDnsForwarder put: consumes: - application/json description: |- Create or update the DNS Forwarder operationId: UpdatePolicyDnsForwarderOnTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - in: body name: PolicyDnsForwarder required: true schema: $ref: '#/definitions/PolicyDnsForwarder' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyDnsForwarder' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update the DNS Forwarder tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDnsForwarder /infra/tier-1s/{tier-1-id}/dns-forwarder/nslookup: get: consumes: - application/json description: | Query the nameserver for an ip-address or a FQDN of the given an address optionally using an specified DNS server. If the address is a fqdn, nslookup will resolve ip-address with it. If the address is an ip-address, do a reverse lookup and answer fqdn(s). If enforcement point is specified, then DNS forwarder nslookup answer will get fetched from specified enforcement point. Otherwise from all enforcement points. operationId: LookupAddressViaTier1DNSForwarder parameters: - in: path name: tier-1-id required: true type: string - description: IP address or FQDN for nslookup in: query name: address required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregatePolicyDnsAnswer' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Resolve a given address via the dns forwarder at Tier1 tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDnsForwarder /infra/tier-1s/{tier-1-id}/dns-forwarder/statistics: get: consumes: - application/json description: | Get statistics of tier-1 DNS forwarder. - no enforcement point path specified: Statistics will be evaluated on each enforcement point. - {enforcement_point_path}: Statistics are evaluated only on the given enforcement point. operationId: GetTier1DNSForwarderStatistics parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateDNSForwarderStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 DNS forwarder statistics tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDNSStatistics /infra/tier-1s/{tier-1-id}/dns-forwarder/status: get: consumes: - application/json description: | Get current status of tier-1 DNS forwarder. - no enforcement point path specified: Status will be evaluated on each enforcement point. - {enforcement_point_path}: Status will be evaluated only on the given enforcement point. operationId: GetTier1DNSForwarderStatus parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateDNSForwarderStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get current status of tier-1 DNS forwarder tags: - Policy - Networking - IP Management - DNS - DNS Forwarder - Tier-1 Gateways x-vmw-nsx-module: PolicyDNSStatistics /infra/tier-1s/{tier-1-id}/forwarding-table: get: consumes: - application/json description: | Get forwarding table from tier-1 operationId: GetTier1ForwardingTable parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/RoutingTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get forwarding table from tier-1 tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Forwarding Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/forwarding-table?format=csv: get: consumes: - application/json description: | Get forwarding table from tier-1 gateway in CSV format. operationId: GetTier1ForwardingTableCsv parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: UUID of edge node in: query name: edge_id type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: IPAddress or CIDR Block format: address-or-cidr-block in: query name: network_prefix type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Filter routes based on the source from which route is learned enum: - BGP - STATIC - CONNECTED - OSPF in: query name: route_source type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/GatewayRouteTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get forwarding table from tier-1 in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Forwarding Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/gateway-firewall: get: consumes: - application/json description: | Get filtered view of Gateway Firewall rules associated with the Tier-1. The gateway policies are returned in the order of category and sequence number. operationId: ViewTier1GatewayFirewall parameters: - in: path name: tier-1-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get list of gateway policies with rules that belong to the specific Tier-1. tags: - Policy - Security - North South Security - Gateway Firewall - Tier-1 Gateways x-vmw-nsx-module: PolicyEdgeFirewall /infra/tier-1s/{tier-1-id}/ipsec-vpn-services: get: consumes: - application/json description: | Get paginated list of all IPSec VPN services under Tier-1. operationId: ListTier1VpnIPSecVpnServices parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN service list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}: delete: consumes: - application/json description: |- Delete given IPSec VPN service under Tier-1. operationId: DeleteTier1VpnIPSecVpnService parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyVpnIPSecVpn get: consumes: - application/json description: | Get given IPSec VPN service under Tier-1. operationId: GetTier1VpnIPSecVpnService parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyVpnIPSecVpn patch: consumes: - application/json description: | Create or patch IPSec VPN service under Tier-1. operationId: CreateOrPatchTier1VpnIPSecVpnService parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: body name: IPSecVpnService required: true schema: $ref: '#/definitions/IPSecVpnService' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyVpnIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN service under Tier-1. Revision is optional for creation and required for update. operationId: CreateOrUpdateTier1VpnIPSecVpnService parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: body name: IPSecVpnService required: true schema: $ref: '#/definitions/IPSecVpnService' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}/local-endpoints: get: consumes: - application/json description: | Get paginated list of all IPSec VPN local endpoints for a given ipsec vpn service under Tier-1. operationId: ListTier1VpnIPSecVpnLocalEndpoints parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN local endpoint list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}/local-endpoints/{local-endpoint-id}: delete: consumes: - application/json description: | Delete IPSec VPN local endpoint for a ipsec vpn service under Tier-1. operationId: DeleteTier1VpnIPSecVpnLocalEndpoint parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyVpnIPSecVpn get: consumes: - application/json description: | Get IPSec VPN local endpoint for a ipsec vpn service under Tier-1. operationId: GetTier1VpnIPSecVpnLocalEndpoint parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyVpnIPSecVpn patch: consumes: - application/json description: |- Create or patch a custom IPSec VPN local endpoint for a given ipsec vpn service under Tier-1. operationId: CreateOrPatchTier1VpnIPSecVpnLocalEndpoint parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string - in: body name: IPSecVpnLocalEndpoint required: true schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch a custom IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyVpnIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN local endpoint for a given ipsec vpn service under Tier-1. Revision is optional for creation and required for update. operationId: CreateOrUpdateTier1VpnIPSecVpnLocalEndpoint parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string - in: body name: IPSecVpnLocalEndpoint required: true schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}/sessions: get: consumes: - application/json description: | Get paginated list of all IPSec VPN sessions for a given ipsec vpn service under Tier-1. operationId: ListTier1VpnIPSecVpnSessions parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSessionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN sessions list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}: delete: consumes: - application/json description: |- Delete IPSec VPN session for a given ipsec-vpn service under Tier-1. operationId: DeleteTier1VpnIPSecVpnSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn get: consumes: - application/json description: | Get IPSec VPN session without sensitive data for a ipsec vpn service under Tier-1. operationId: GetTier1VpnIPSecVpnSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn patch: consumes: - application/json description: | Create or patch an IPSec VPN session for a ipsec vpn service under Tier-1. operationId: CreateOrPatchTier1VpnIPSecVpnSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: IPSecVpnSession required: true schema: $ref: '#/definitions/IPSecVpnSession' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN session for a ipsec vpn service under Tier-1. Revision is optional for creation and required for update. operationId: CreateOrUpdateTier1VpnIPSecVpnSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: IPSecVpnSession required: true schema: $ref: '#/definitions/IPSecVpnSession' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/detailed-status: get: consumes: - application/json description: | - no enforcement point path specified: detailed status is evaluated on each enforcement point. - an enforcement point path is specified: detailed status is evaluated only on the given enforcement point. - source=realtime: detailed status is fetched realtime from the enforcement point. - source=cached: cached detailed status from enforcement point is returned. operationId: GetTier1VpnIPSecVpnSessionStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateIPSecVpnSessionStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN session detailed status under Tier-1 tags: - Policy - Networking - Network Services - VPN - IPSEC - Status x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/peer-config: get: consumes: - application/json description: | Download IPSec VPN configuration for the peer site. Peer config also contains PSK; be careful when sharing or storing it. operationId: GetTier1VpnIPSecVpnPeerConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - text/plain; charset=utf-8 responses: '200': description: OK schema: type: string '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN configuration for the peer site tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/statistics: get: consumes: - application/json description: | - no enforcement point path specified: statistics are evaluated on each enforcement point. - an enforcement point path is specified: statistics are evaluated only on the given enforcement point. - source=realtime: statistics are fetched realtime from the enforcement point. - source=cached: cached statistics from enforcement point are returned. operationId: GetTier1VpnIPSecVpnSessionStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateIPSecVpnSessionStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN session statistics under Tier-1 tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics post: consumes: - application/json description: | Resets the statistics of the given VPN session. Since source of data is enforcement point, data is reset there. operationId: ResetTier1VpnIPSecVpnSessionStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: Action on statistics enum: - reset in: query name: action required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset the statistics of the given VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}?action=show_sensitive_data: get: consumes: - application/json description: | Get IPSec VPN session with senstive data for a ipsec vpn service under Tier-1. operationId: GetTier1VpnIPSecVpnSessionWithSensitiveData parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyVpnIPSecVpn /infra/tier-1s/{tier-1-id}/ipsec-vpn-services/{service-id}/summary: get: consumes: - application/json description: | Summarized view of all tier-1 IPSec VPN sessions for a specified service. operationId: GetTier1VpnIpsecVpnSessionSummary parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIpsecVpnIkeServiceSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session Summary tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Summary x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-1s/{tier-1-id}/l2vpn-services: get: consumes: - application/json description: |- Get paginated list of all L2VPN services under Tier-1. operationId: ListTier1VpnL2VPNServices parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN service list result under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-1s/{tier-1-id}/l2vpn-services/{service-id}: delete: consumes: - application/json description: |- Delete L2VPN service for given Tier-1. operationId: DeleteTier1VpnL2VPNService parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L2VPN service under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyVpnLayer2VPN get: consumes: - application/json description: |- Get L2VPN service for given Tier-1. operationId: GetTier1VpnL2VPNService parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN service under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyVpnLayer2VPN patch: consumes: - application/json description: |- Create or patch L2VPN service for given Tier-1. operationId: CreateOrPatchTier1VpnL2VPNService parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: body name: L2VPNService required: true schema: $ref: '#/definitions/L2VPNService' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch L2VPN service under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyVpnLayer2VPN put: consumes: - application/json description: |- Create or fully replace L2VPN service for given Tier-1. Revision is optional for creation and required for update. operationId: CreateOrUpdateTier1VpnL2VPNService parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: body name: L2VPNService required: true schema: $ref: '#/definitions/L2VPNService' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace L2VPN service under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-1s/{tier-1-id}/l2vpn-services/{service-id}/sessions: get: consumes: - application/json description: |- Get paginated list of all L2VPN sessions under Tier-1. operationId: ListTier1VpnL2VPNSessions parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSessionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN sessions list result under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-1s/{tier-1-id}/l2vpn-services/{service-id}/sessions/{session-id}: delete: consumes: - application/json description: |- Delete L2VPN session under Tier-1. When L2VPN Service is in CLIENT Mode, the L2VPN Session is deleted along with its transpot tunnels and related resources. operationId: DeleteTier1VpnL2VPNSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L2VPN session under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN get: consumes: - application/json description: |- Get L2VPN session under Tier-1. operationId: GetTier1VpnL2VPNSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN Session under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN patch: consumes: - application/json description: | Create or patch an L2VPN session under Tier-1. API supported only when L2VPN Service is in Server Mode. operationId: CreateOrPatchTier1VpnL2VPNSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSession required: true schema: $ref: '#/definitions/L2VPNSession' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an L2VPN session under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN put: consumes: - application/json description: | Create or fully replace L2VPN session under Tier-1. API supported only when L2VPN Service is in Server Mode. Revision is optional for creation and required for update. operationId: CreateOrUpdateTier1VpnL2VPNSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSession required: true schema: $ref: '#/definitions/L2VPNSession' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace L2VPN session under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-1s/{tier-1-id}/l2vpn-services/{service-id}/sessions/{session-id}/detailed-status: get: consumes: - application/json description: | - no enforcement point path specified: detailed tatus is evaluated on each enforcement point. - an enforcement point path is specified: detailed status is evaluated only on the given enforcement point. - source=realtime: detailed tatus is fetched realtime from the enforcement point. - source=cached: cached detailed status is returned. operationId: GetTier1VpnL2VpnSessionStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN session detailed status under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Status x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-1s/{tier-1-id}/l2vpn-services/{service-id}/sessions/{session-id}/peer-config: get: consumes: - application/json description: | Get peer config for the Tier-1 L2VPN session to configure the remote side of the tunnel. - no enforcement point path specified: L2VPN Session Peer Codes will be evaluated on each enforcement point. - enforcement point paths specified: L2VPN Session Peer Codes are evaluated only on the given enforcement points. API supported only when L2VPN Service is in Server Mode. operationId: GetTier1VpnL2VPNSessionPeerConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionPeerConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 L2VPN session configuration for the peer site tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-1s/{tier-1-id}/l2vpn-services/{service-id}/sessions/{session-id}/remote-mac: get: consumes: - application/json description: | Returns L2Vpn session remote macs for a logical switch. Data is fetched from enforcement point. operationId: GetTier1VpnL2VpnSessionRemoteMacsForLS parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Segment Path in: query name: segment_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VpnSessionRemoteMac' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2Vpn session remote mac for logical switch tags: - Policy - Networking - Network Services - VPN - L2VPN - Remote-Mac x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-1s/{tier-1-id}/l2vpn-services/{service-id}/sessions/{session-id}/statistics: get: consumes: - application/json description: | - no enforcement point path specified: statistics are evaluated on each enforcement point. - an enforcement point path is specified: statistics are evaluated only on the given enforcement point. - source=realtime: statistics are fetched realtime from the enforcement point. - source=cached: cached statistics from the enforcement point are returned. operationId: GetTier1VpnL2VpnSessionStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN session statistics under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Statistics x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-1s/{tier-1-id}/l2vpn-services/{service-id}/sessions/{session-id}?action=create_with_peer_code: post: consumes: - application/json description: | Create or patch an L2VPN session under Tier-1 from Peer Codes. In addition to the L2VPN Session, the IPSec VPN Session, along with the IKE, Tunnel, and DPD Profiles are created and owned by the system. IPSec VPN Service and Local Endpoint are created only when required, i.e., an IPSec VPN Service does not already exist, or an IPSec VPN Local Endpoint with same local address does not already exist. Updating the L2VPN Session can be performed only through this API by specifying new peer codes. Use of specific APIs to update the L2VPN Session and the different resources associated with it is not allowed, except for IPSec VPN Service and Local Endpoint, resources that are not system owned. API supported only when L2VPN Service is in Client Mode. operationId: CreateOrPatchTier1VpnL2VPNSessionFromPeerCodes parameters: - in: path name: tier-1-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSessionData required: true schema: $ref: '#/definitions/L2VPNSessionData' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an L2VPN session under Tier-1 from Peer Codes tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyVpnLayer2VPN /infra/tier-1s/{tier-1-id}/locale-services: get: consumes: - application/json description: | Paginated list of all Tier-1 locale-services operationId: ListTier1LocaleServices parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LocaleServicesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-1 locale-services tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Locale Services x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/arp-proxies: get: consumes: - application/json description: | This API is deprecated. Please use /infra/tier-1s/<tier-1-id>/arp-proxies Returns ARP proxy table for a tier-1 operationId: GetTier1ArpProxies parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-1 Gateways - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/byod-service-instances: get: consumes: - application/json description: |- Read all Tier1 BYOD service instance objects under a tier-1 operationId: ListTier1ByodPolicyServiceInstances parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ByodPolicyServiceInstanceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read all Tier1 BYOD service instance objects under a tier-1 tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/byod-service-instances/{service-instance-id}: delete: consumes: - application/json description: |- Delete BYOD policy service instance operationId: DeleteTier1ByodPolicyServiceInstance parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete BYOD policy service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- Read Tier1 BYOD service instance operationId: ReadTier1ByodPolicyServiceInstance parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Tier1 BYOD Service instance id in: path name: service-instance-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ByodPolicyServiceInstance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier1 BYOD service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create Tier1 BYOD Service Instance which represents instance of service definition created on manager. operationId: PatchTier1ByodPolicyServiceInstance parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Tier1 BYOD Service instance id in: path name: service-instance-id required: true type: string - in: body name: ByodPolicyServiceInstance required: true schema: $ref: '#/definitions/ByodPolicyServiceInstance' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Tier1 BYOD service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create Tier1 BYOD Service Instance which represent instance of service definition created on manager. operationId: CreateTier1ByodPolicyServiceInstance parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Tier1 BYOD service instance id in: path name: service-instance-id required: true type: string - in: body name: ByodPolicyServiceInstance required: true schema: $ref: '#/definitions/ByodPolicyServiceInstance' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ByodPolicyServiceInstance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Tier1 BYOD service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/byod-service-instances/{service-instance-id}/service-instance-endpoints : get: consumes: - application/json description: |- List all Tier1 service instance endpoint operationId: ListTier1PolicyServiceInstanceEndpoints parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInstanceEndpointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all Tier1 service instance endpoint tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/byod-service-instances/{service-instance-id}/service-instance-endpoints/{service-instance-endpoint-id} : delete: consumes: - application/json description: |- Delete Tier1 service instance endpoint operationId: DeleteTier1PolicyServiceInstanceEndpoint parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: |- Tier1 Service instance endpoint id in: path name: service-instance-endpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier1 service instance endpoint tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- Read Tier1 service instance endpoint operationId: ReadTier1PolicyServiceInstanceEndpoint parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: |- Tier1 Service instance endpoint id in: path name: service-instance-endpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInstanceEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier1 service instance endpoint tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create Tier1 Service instance endpoint. operationId: PatchTier1ServiceInstanceEndpoint parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: |- Tier1 Service instance endpoint id in: path name: service-instance-endpoint-id required: true type: string - in: body name: ServiceInstanceEndpoint required: true schema: $ref: '#/definitions/ServiceInstanceEndpoint' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Tier1 service instance endpoint tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create Tier1 service instance endpoint with given request if not exist. Modification of Tier1 service instance endpoint is not allowed. operationId: CreateTier1ServiceInstanceEndpoint parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string - description: |- Tier1 Service instance endpoint id in: path name: service-instance-endpoint-id required: true type: string - in: body name: ServiceInstanceEndpoint required: true schema: $ref: '#/definitions/ServiceInstanceEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInstanceEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Tier1 service instance endpoint tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/endpoints/virtual-endpoints: get: consumes: - application/json description: |- List all virtual endpoints operationId: ListTier1VirtualEndpoints parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualEndpointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all virtual endpoints tags: - Policy - Security - Service Insertion - Virtual Endpoints - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/endpoints/virtual-endpoints/{virtual-endpoint-id}: delete: consumes: - application/json description: |- Delete virtual endpoint operationId: DeleteTier1VirtualEndpoint parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Virtual endpoint id in: path name: virtual-endpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete virtual endpoint tags: - Policy - Security - Service Insertion - Virtual Endpoints - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- Read virtual endpoint with given id under given Tier1. operationId: ReadTier1VirtualEndpoint parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Virtual endpoint id in: path name: virtual-endpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read virtual endpoint tags: - Policy - Security - Service Insertion - Virtual Endpoints - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create or update virtual endpoint. operationId: PatchTier1VirtualEndpoint parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Virtual endpoint id in: path name: virtual-endpoint-id required: true type: string - in: body name: VirtualEndpoint required: true schema: $ref: '#/definitions/VirtualEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update virtual endpoint tags: - Policy - Security - Service Insertion - Virtual Endpoints - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create or update virtual endpoint. operationId: CreateOrUpdateTier1VirtualEndpoint parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Virtual endpoint id in: path name: virtual-endpoint-id required: true type: string - in: body name: VirtualEndpoint required: true schema: $ref: '#/definitions/VirtualEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VirtualEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update virtual endpoint tags: - Policy - Security - Service Insertion - Virtual Endpoints - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-proxy: get: consumes: - application/json description: | Returns ARP proxy table for a tier-1 interface operationId: GetTier1InterfaceArpProxies parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 Interface Address Resolution Protocol Proxies tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-proxy?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for a tier-1 interface in CSV format operationId: GetTier1InterfaceArpProxiesInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 Interface Address Resolution Protocol Proxies in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Proxies x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-table: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) for the tier-1 interface, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GetTier1InterfaceArpTable parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-1 interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the tier-1 interface, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GetTier1InterfaceArpTableCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-1 interface in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/dad-state: get: consumes: - application/json description: | Get tier-1 interface DAD state information. operationId: GetTier1InterfaceDADState parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceDADState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DAD status by interface tags: - Policy - Networking - Connectivity - Tier-0 Gateways - Interfaces - DAD State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/statistics: get: consumes: - application/json description: | Get tier-1 interface statistics information. operationId: GetTier1InterfaceStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 interface statistics information tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/interfaces/{interface-id}/statistics/summary: get: consumes: - application/json description: | Get tier-1 interface statistics information. operationId: GetTier1InterfaceStatisticsSummary parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 interface statistics summary information tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services: get: consumes: - application/json description: | Get paginated list of all IPSec VPN services for a given locale service under Tier-1. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: ListTier1IPSecVpnServices parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN service list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyIPSecVpn /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}: delete: consumes: - application/json description: | Delete IPSec VPN service for a given locale service under Tier-1. This API is deprecated. Please use DELETE /infra/tier-1s/<tier-1-id>/psec-vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: DeleteTier1IPSecVpnService parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyIPSecVpn get: consumes: - application/json description: | Get IPSec VPN service for a given locale service under Tier-1. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier1IPSecVpnService parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyIPSecVpn patch: consumes: - application/json description: | Create or patch IPSec VPN service for a given locale service under Tier-1. This API is deprecated. Please use PATCH /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrPatchTier1IPSecVpnService parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: body name: IPSecVpnService required: true schema: $ref: '#/definitions/IPSecVpnService' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN service for a given locale service under Tier-1. Revision is optional for creation and required for update. This API is deprecated. Please use PUT /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrUpdateTier1IPSecVpnService parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: body name: IPSecVpnService required: true schema: $ref: '#/definitions/IPSecVpnService' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN service tags: - Policy - Networking - Network Services - VPN - IPSEC - Services x-vmw-nsx-module: PolicyIPSecVpn /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/local-endpoints: get: consumes: - application/json description: | Get paginated list of all IPSec VPN local endpoints for a given locale service under Tier-1. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/local-endpoints instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: ListTier1IPSecVpnLocalEndpoints parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpointListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN local endpoint list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyIPSecVpn ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/local-endpoints/{local-endpoint-id} : delete: consumes: - application/json description: | Delete IPSec VPN local endpoint for a given locale service under Tier-1. This API is deprecated. Please use DELETE /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/ local-endpoints/<local-endpoint-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: DeleteTier1IPSecVpnLocalEndpoint parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyIPSecVpn get: consumes: - application/json description: | Get IPSec VPN local endpoint for a given locale service under Tier-1. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/ local-endpoints/<local-endpoint-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier1IPSecVpnLocalEndpoint parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyIPSecVpn patch: consumes: - application/json description: | Create or patch a custom IPSec VPN local endpoint for a given locale service under Tier-1. This API is deprecated. Please use PATCH /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/ local-endpoints/<local-endpoint-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: CreateOrPatchTier1IPSecVpnLocalEndpoint parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string - in: body name: IPSecVpnLocalEndpoint required: true schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch a custom IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN local endpoint for a given locale service under Tier-1. Revision is optional for creation and required for update. This API is deprecated. Please use PUT /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/ local-endpoints/<local-endpoint-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: CreateOrUpdateTier1IPSecVpnLocalEndpoint parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: local-endpoint-id required: true type: string - in: body name: IPSecVpnLocalEndpoint required: true schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnLocalEndpoint' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN local endpoint tags: - Policy - Networking - Network Services - VPN - IPSEC - Local Endpoints x-vmw-nsx-module: PolicyIPSecVpn /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions: get: consumes: - application/json description: | Get paginated list of all IPSec VPN sessions for a given locale service under Tier-1. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/sessions instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: ListTier1IPSecVpnSessions parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSessionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN sessions list result tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}: delete: consumes: - application/json description: | Delete IPSec VPN session for a given locale service under Tier-1. This API is deprecated. Please use DELETE /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/ sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: DeleteTier1IPSecVpnSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn get: consumes: - application/json description: | Get IPSec VPN session without sensitive data for a given locale service under Tier-1. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier1IPSecVpnSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn patch: consumes: - application/json description: | Create or patch an IPSec VPN session for a given locale service under Tier-1. This API is deprecated. Please use PATCH /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path operationId: CreateOrPatchTier1IPSecVpnSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: IPSecVpnSession required: true schema: $ref: '#/definitions/IPSecVpnSession' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn put: consumes: - application/json description: | Create or fully replace IPSec VPN session for a given locale service under Tier-1. Revision is optional for creation and required for update. This API is deprecated. Please use PUT /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrUpdateTier1IPSecVpnSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: IPSecVpnSession required: true schema: $ref: '#/definitions/IPSecVpnSession' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace IPSec VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/detailed-status : get: consumes: - application/json description: | - no enforcement point path specified: detailed status is evaluated on each enforcement point. - an enforcement point path is specified: detailed status is evaluated only on the given enforcement point. - source=realtime: detailed status is fetched realtime from the enforcement point. - source=cached: cached detailed status from enforcement point is returned. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/ sessions/<session-id>/detailed-status instead. operationId: GetTier1IPSecVpnSessionStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateIPSecVpnSessionStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN session detailed status under Tier-1 tags: - Policy - Networking - Network Services - VPN - IPSEC - Status x-vmw-nsx-module: PolicyVPNStatistics ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/peer-config : get: consumes: - application/json description: | Download IPSec VPN configuration for the peer site. Peer config also contains PSK; be careful when sharing or storing it. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>/peer-config instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier1IPSecVpnPeerConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - text/plain; charset=utf-8 responses: '200': description: OK schema: type: string '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN configuration for the peer site tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}/statistics : get: consumes: - application/json description: | - no enforcement point path specified: statistics are evaluated on each enforcement point. - an enforcement point path is specified: statistics are evaluated only on the given enforcement point. - source=realtime: statistics are fetched realtime from the enforcement point. - source=cached: cached statistics from enforcement point are returned. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/ sessions/<session-id>/statistics instead. operationId: GetTier1IPSecVpnSessionStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateIPSecVpnSessionStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN session statistics under Tier-1 tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics post: consumes: - application/json description: | Resets the statistics of the given VPN session. Since source of data is enforcement point, data is reset there. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/ sessions/<session-id>/statistics instead. operationId: ResetTier1IPSecVpnSessionStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: Action on statistics enum: - reset in: query name: action required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reset the statistics of the given VPN session tags: - Policy - Networking - Network Services - VPN - IPSEC - Statistics x-vmw-nsx-module: PolicyVPNStatistics ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/sessions/{session-id}?action=show_sensitive_data : get: consumes: - application/json description: | Get IPSec VPN session with senstive data for a given locale service under Tier-1. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/sessions/<session-id>?action=show_sensitive_data instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier1IPSecVpnSessionWithSensitiveData parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IPSecVpnSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions x-vmw-nsx-module: PolicyIPSecVpn /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/ipsec-vpn-services/{service-id}/summary: get: consumes: - application/json description: | Summarized view of all tier-1 IPSec VPN sessions for a specified service. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/ipsec-vpn-services/<service-id>/summary instead. operationId: GetTier1IpsecVpnSessionSummary parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyIpsecVpnIkeServiceSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IPSec VPN Session Summary tags: - Policy - Networking - Network Services - VPN - IPSEC - Sessions - Summary x-vmw-nsx-module: PolicyVPNStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/l2vpn-services: get: consumes: - application/json description: | Get paginated list of all L2VPN services under Tier-1. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/l2vpn-services> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: ListTier1L2VPNServices parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNServiceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN service list result under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyLayer2VPN /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}: delete: consumes: - application/json description: | Delete L2VPN service for given Tier-1 locale service. This API is deprecated. Please use DELETE /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: DeleteTier1L2VPNService parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L2VPN service under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyLayer2VPN get: consumes: - application/json description: | Get L2VPN service for given Tier-1 locale service. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier1L2VPNService parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN service under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyLayer2VPN patch: consumes: - application/json description: | Create or patch L2VPN service for given Tier-1 locale service. This API is deprecated. Please use PATCH /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrPatchTier1L2VPNService parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: body name: L2VPNService required: true schema: $ref: '#/definitions/L2VPNService' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch L2VPN service under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyLayer2VPN put: consumes: - application/json description: | Create or fully replace L2VPN service for given Tier-1 locale service. Revision is optional for creation and required for update. This API is deprecated. Please use PUT /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrUpdateTier1L2VPNService parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: body name: L2VPNService required: true schema: $ref: '#/definitions/L2VPNService' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNService' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace L2VPN service under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Services x-vmw-nsx-module: PolicyLayer2VPN /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions: get: consumes: - application/json description: | Get paginated list of all L2VPN sessions under Tier-1. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id>/sessions instead. Note: The API will return a new VPN path for "transport_tunnels" in the response payload instead of the deprecated API path Both paths refer to the same object. Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: ListTier1L2VPNSessions parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSessionListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN sessions list result under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}: delete: consumes: - application/json description: | Delete L2VPN session under Tier-1. When L2VPN Service is in CLIENT Mode, the L2VPN Session is deleted along with its transpot tunnels and related resources. This API is deprecated. Please use DELETE /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id>/ sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: DeleteTier1L2VPNSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete L2VPN session under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN get: consumes: - application/json description: | Get L2VPN session under Tier-1. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id>/ sessions/<session-id> instead. Note: The API will return a new VPN path for "transport_tunnels" in the response payload instead of the deprecated API path Both paths refer to the same object. Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier1L2VPNSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN Session under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN patch: consumes: - application/json description: | Create or patch an L2VPN session under Tier-1. API supported only when L2VPN Service is in Server Mode. This API is deprecated. Please use PATCH /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id>/ sessions/<session-id> instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrPatchTier1L2VPNSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSession required: true schema: $ref: '#/definitions/L2VPNSession' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an L2VPN session under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN put: consumes: - application/json description: | Create or fully replace L2VPN session under Tier-1. API supported only when L2VPN Service is in Server Mode. Revision is optional for creation and required for update. This API is deprecated. Please use PUT /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id>/ sessions/<session-id> instead. Note: The API will return a new VPN path for "transport_tunnels" in the response payload instead of the deprecated API path Both paths refer to the same object. Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrUpdateTier1L2VPNSession parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSession required: true schema: $ref: '#/definitions/L2VPNSession' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/L2VPNSession' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or fully replace L2VPN session under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}/detailed-status : get: consumes: - application/json description: | - no enforcement point path specified: detailed tatus is evaluated on each enforcement point. - an enforcement point path is specified: detailed status is evaluated only on the given enforcement point. - source=realtime: detailed tatus is fetched realtime from the enforcement point. - source=cached: cached detailed status is returned. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id>/ sessions/<session-id>/detailed-status instead. operationId: GetTier1L2VpnSessionStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN session detailed status under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Status x-vmw-nsx-module: PolicyVPNStatistics ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}/peer-config : get: consumes: - application/json description: | Get peer config for the Tier-1 L2VPN session to configure the remote side of the tunnel. - no enforcement point path specified: L2VPN Session Peer Codes will be evaluated on each enforcement point. - enforcement point paths specified: L2VPN Session Peer Codes are evaluated only on the given enforcement points. API supported only when L2VPN Service is in Server Mode. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id>/ sessions/<session-id>/peer-config instead. Note: The API will return a new VPN path for "transport_tunnel_path" in the response payload instead of the deprecated API path Both paths refer to the same object. Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. operationId: GetTier1L2VPNSessionPeerConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionPeerConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 L2VPN session configuration for the peer site tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}/remote-mac : get: consumes: - application/json description: | Returns L2Vpn session remote macs for a logical switch. Data is fetched from enforcement point. This API is deprecated. Please use GET /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id>/sessions/<session-id>/remote-mac instead. operationId: GetTier1L2VpnSessionRemoteMacsForLS parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Segment Path in: query name: segment_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VpnSessionRemoteMac' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2Vpn session remote mac for logical switch tags: - Policy - Networking - Network Services - VPN - L2VPN - Remote-Mac x-vmw-nsx-module: PolicyVPNStatistics ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}/statistics : get: consumes: - application/json description: | - no enforcement point path specified: statistics are evaluated on each enforcement point. - an enforcement point path is specified: statistics are evaluated only on the given enforcement point. - source=realtime: statistics are fetched realtime from the enforcement point. - source=cached: cached statistics from the enforcement point are returned. This API is deprecated. Please use GET //infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id>/ sessions/<session-id>/statistics instead. operationId: GetTier1L2VpnSessionStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AggregateL2VPNSessionStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get L2VPN session statistics under Tier-1 tags: - Policy - Networking - Network Services - VPN - L2VPN - Statistics x-vmw-nsx-module: PolicyVPNStatistics ? /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/l2vpn-services/{service-id}/sessions/{session-id}?action=create_with_peer_code : post: consumes: - application/json description: | Create or patch an L2VPN session under Tier-1 from Peer Codes. In addition to the L2VPN Session, the IPSec VPN Session, along with the IKE, Tunnel, and DPD Profiles are created and owned by the system. IPSec VPN Service and Local Endpoint are created only when required, i.e., an IPSec VPN Service does not already exist, or an IPSec VPN Local Endpoint with same local address does not already exist. Updating the L2VPN Session can be performed only through this API by specifying new peer codes. Use of specific APIs to update the L2VPN Session and the different resources associated with it is not allowed, except for IPSec VPN Service and Local Endpoint, resources that are not system owned. API supported only when L2VPN Service is in Client Mode. This API is deprecated. Please use POST /infra/tier-1s/<tier-1-id>/l2vpn-services/<service-id>/sessions/<session-id>?action=create_with_peer_code instead. Note: Please note that request is validated and any error messages returned from validation may include the new VPN path instead of the deprecated path. Both new path and old path refer to same resource. Also VPN path returned in the Alarm, GPRR payload may include the new VPN path. operationId: CreateOrPatchTier1L2VPNSessionFromPeerCodes parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: service-id required: true type: string - in: path name: session-id required: true type: string - in: body name: L2VPNSessionData required: true schema: $ref: '#/definitions/L2VPNSessionData' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or patch an L2VPN session under Tier-1 from Peer Codes tags: - Policy - Networking - Network Services - VPN - L2VPN - Sessions x-vmw-nsx-module: PolicyLayer2VPN /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/service-instances: get: consumes: - application/json description: |- Read all service instance objects under a tier-1 operationId: ReadAllPolicyServiceInstancesForTier1 parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceInstanceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read all service instance objects under a tier-1 tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/service-instances/{service-instance-id}: delete: consumes: - application/json description: |- Delete Tier1 policy service instance operationId: DeleteTier1PolicyServiceInstance parameters: - description: |- Tier-0 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Tier1 Service instance id in: path name: service-instance-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier1 policy service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion get: consumes: - application/json description: |- Read Tier1 service instance operationId: ReadTier1PolicyServiceInstance parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Service instance id in: path name: service-instance-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceInstance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier1 service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion patch: consumes: - application/json description: | Create Tier1 Service Instance. Please note that, only display_name, description and deployment_spec_name are allowed to be modified in an exisiting entity. If the deployment spec name is changed, it will trigger the upgrade operation for the SVMs. operationId: PatchTier1PolicyServiceInstance parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Tier1 Service instance id in: path name: service-instance-id required: true type: string - in: body name: PolicyServiceInstance required: true schema: $ref: '#/definitions/PolicyServiceInstance' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Tier1 service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion put: consumes: - application/json description: | Create Tier1 service instance. Please note that, only display_name, description and deployment_spec_name are allowed to be modified in an exisiting entity. If the deployment spec name is changed, it will trigger the upgrade operation for the SVMs. operationId: CreateTier1PolicyServiceInstance parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Tier1 Service instance id in: path name: service-instance-id required: true type: string - in: body name: PolicyServiceInstance required: true schema: $ref: '#/definitions/PolicyServiceInstance' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceInstance' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Tier1 service instance tags: - Policy - Security - Service Insertion - Service Instances - Tier-1 Gateways x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/service-instances/{service-instance-id}/statistics: get: consumes: - application/json description: | Get statistics for all data NICs on all runtimes associated with this Tier1 PolicyServiceInstance. operationId: GetTier1PolicyServiceInstanceStatistics parameters: - description: |- Tier-1 id in: path name: tier-1-id required: true type: string - description: |- Locale service id in: path name: locale-service-id required: true type: string - description: |- Tier1 Service instance id in: path name: service-instance-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyServiceInstanceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get statistics for all runtimes associated with this Tier1 PolicyServiceInstance tags: - Policy - Security - Service Insertion - Statistics x-vmw-nsx-module: PolicyServiceInsertion /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/service-interfaces: get: consumes: - application/json description: | Paginated list of all Tier 1 Service Interfaces operationId: ListTier1ServiceInterfaces parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInterfaceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier 1 Service Interfaces tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/locale-services/{locale-service-id}/service-interfaces/{interface-id}: delete: consumes: - application/json description: |- Delete Tier 1 service interface operationId: DeleteTier1ServiceInterface parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier 1 service interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Tier 1 service interface operationId: ReadTier1ServiceInterface parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInterface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier 1 service interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a Tier1 service interface with the interface-id is not already present, create a new Tier1 service interface. operationId: PatchTier1ServiceInterface parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - in: body name: ServiceInterface required: true schema: $ref: '#/definitions/ServiceInterface' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-1 service interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a Tier1 service interface with the interface-id is not already present, create a new Tier1 service interface. Modification of Tier 1 service interface is not allowed. operationId: CreateTier1ServiceInterface parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-service-id required: true type: string - in: path name: interface-id required: true type: string - in: body name: ServiceInterface required: true schema: $ref: '#/definitions/ServiceInterface' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ServiceInterface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a Tier1 service interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}: delete: consumes: - application/json description: |- Delete Tier-1 locale-services operationId: DeleteTier1LocaleServices parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier-1 locale-services tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Locale Services x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Tier-1 locale-services operationId: ReadTier1LocaleServices parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LocaleServices' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-1 locale-services tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Locale Services x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a Tier-1 locale services with the locale-services-id is not already present, create a new locale services. If it already exists, update Tier-1 locale services with specified attributes. operationId: PatchTier1LocaleServices parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: body name: LocaleServices required: true schema: $ref: '#/definitions/LocaleServices' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-1 locale-services tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Locale Services x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a Tier-1 locale services with the locale-services-id is not already present, create a new locale-services. If it already exists, replace the Tier-1 locale services instance with the new object. Modifying edge cluster re-allocates NSX service routers of TIER1 to a different edge cluster. You can also place edge nodes manually and provide maximum two indices for HA mode ACTIVE_STANDBY. To re-allocating edge cluster is a disruptive operation and all existing statistics of Tier1 gateway will be removed. operationId: CreateOrReplaceTier1LocaleServices parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: body name: LocaleServices required: true schema: $ref: '#/definitions/LocaleServices' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/LocaleServices' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-1 locale-services tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Locale Services x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/gateway-firewall: get: consumes: - application/json description: | Get filtered view of Gateway Firewall rules associated with the Tier-1 Locale Services. The gateway policies are returned in the order of category and sequence number. operationId: ViewTier1LocaleServicesGatewayFirewall parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/GatewayPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: | Get list of gateway policies with rules that belong to the specific Tier-1 LocalServices. tags: - Policy - Security - North South Security - Gateway Firewall - Tier-1 Gateways x-vmw-nsx-module: PolicyEdgeFirewall /infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/interfaces: get: consumes: - application/json description: | Paginated list of all Tier-1 interfaces operationId: ListTier1Interfaces parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1InterfaceListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-1 interfaces tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/interfaces/{interface-id}: delete: consumes: - application/json description: |- Delete Tier-1 interface operationId: DeleteTier1Interface parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: interface-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier-1 interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Tier-1 interface operationId: ReadTier1Interface parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: interface-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1Interface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-1 interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If an interface with the interface-id is not already present, create a new interface. If it already exists, update the interface for specified attributes. operationId: PatchTier1Interface parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: interface-id required: true type: string - in: body name: Tier1Interface required: true schema: $ref: '#/definitions/Tier1Interface' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-1 interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If an interface with the interface-id is not already present, create a new interface. If it already exists, replace the interface with this object. operationId: CreateOrReplaceTier1Interface parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: interface-id required: true type: string - in: body name: Tier1Interface required: true schema: $ref: '#/definitions/Tier1Interface' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1Interface' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a tier-1 interface tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Interfaces x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/multicast: get: consumes: - application/json description: | Read Multicast Configuration. operationId: ReadPolicyTier1MulticastConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTier1MulticastConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Multicast Configuration tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Multicast x-vmw-nsx-module: PolicyMulticast patch: consumes: - application/json description: | Create or update a Tier-1 multicast configuration defining the multicast replication range. It will update the configuration if there is already one in place. operationId: PatchPolicyTier1MulticastConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: body name: PolicyTier1MulticastConfig required: true schema: $ref: '#/definitions/PolicyTier1MulticastConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update multicast configuration tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Multicast x-vmw-nsx-module: PolicyMulticast put: consumes: - application/json description: | Create or update a Tier-1 multicast configuration defining the multicast replication range. It will update the configuration if there is already one in place. operationId: CreateOrUpdatePolicyTier1MulticastConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: body name: PolicyTier1MulticastConfig required: true schema: $ref: '#/definitions/PolicyTier1MulticastConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTier1MulticastConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update multicast configuration tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Multicast x-vmw-nsx-module: PolicyMulticast /infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/multicast/forwarding: get: consumes: - application/json description: | Get Multicast Forwarding. operationId: GetTier1PolicyMulticastForwarding parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyMulticastForwarding' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Multicast Forwarding tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/multicast/forwarding?format=csv: get: consumes: - application/json description: | Get Multicast Forwarding In CSV Format. operationId: GetTier1PolicyMulticastForwardingInCsvFormat parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyMulticastForwardingInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Multicast Forwarding In Csv Format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/multicast/igmp-memberships: get: consumes: - application/json description: | Get Igmp Memberships. operationId: GetTier1PolicyIgmpMemberships parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/IgmpMemberships' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IGMP Memberships tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/locale-services/{locale-services-id}/multicast/igmp-memberships?format=csv: get: consumes: - application/json description: | Get Igmp Memberships in CSV format. operationId: GetTier1PolicyIgmpMembershipsInCsvFormat parameters: - in: path name: tier-1-id required: true type: string - in: path name: locale-services-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Transport node in: query name: edge_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/IgmpMembershipsInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get IGMP Memberships in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Multicast x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/nat: get: consumes: - application/json description: | List all NAT sections under the given Tier-1 ID. For more details related to NAT section please refer to PolicyNAT schema. operationId: ListPolicyNatOnTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Policy NAT types. tags: - Policy - Networking - Network Services - NAT - Rules - Tier-1 Gateways x-vmw-nsx-module: PolicyNAT /infra/tier-1s/{tier-1-id}/nat/statistics: get: consumes: - application/json description: |- List NAT Rules Statistics from Tier-1 denoted by Tier-1 ID. operationId: ListPolicyNatRulesStatisticsFromTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleStatisticsPerLogicalRouterListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List NAT Rules Statistics tags: - Policy - Networking - Network Services - NAT - Statistics x-vmw-nsx-module: PolicyNAT /infra/tier-1s/{tier-1-id}/nat/{nat-id}/nat-rules: get: consumes: - application/json description: | List NAT Rules from Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PATCH/PUT PoliycNatRule API, the path returned in the GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: ListPolicyNatRules parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List NAT Rules tags: - Policy - Networking - Network Services - NAT - Rules - Tier-1 Gateways x-vmw-nsx-module: PolicyNAT /infra/tier-1s/{tier-1-id}/nat/{nat-id}/nat-rules/{nat-rule-id}: delete: consumes: - application/json description: |- Delete NAT Rule from Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. operationId: DeletePolicyNatRule parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete NAT Rule tags: - Policy - Networking - Network Services - NAT - Rules - Tier-1 Gateways x-vmw-nsx-module: PolicyNAT get: consumes: - application/json description: | Get NAT Rule from Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PATCH/PUT PoliycNatRule API, the path returned in the GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: GetPolicyNatRule parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NAT Rule tags: - Policy - Networking - Network Services - NAT - Rules - Tier-1 Gateways x-vmw-nsx-module: PolicyNAT patch: consumes: - application/json description: | If a NAT Rule is not already present on Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>, create a new NAT Rule. If it already exists, update the NAT Rule. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property, the path returned in the GET response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: PatchPolicyNatRule parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string - in: body name: PolicyNatRule required: true schema: $ref: '#/definitions/PolicyNatRule' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Nat Rule tags: - Policy - Networking - Network Services - NAT - Rules - Tier-1 Gateways x-vmw-nsx-module: PolicyNAT put: consumes: - application/json description: | Update NAT Rule on Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. Note: IPSecVpnSession as Scope: Please note that old IPSecVpnSession policy path deprecated. If user specifiy old IPSecVpnSession path in the scope property in the PUT API, the path returned in the GET/PUT response payload will be a new path instead of the deprecated IPSecVpnSession path Both old and new IPSecVpnSession path refer to same resource. there is no functional impact. operationId: CreateOrReplacePolicyNatRule parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string - in: body name: PolicyNatRule required: true schema: $ref: '#/definitions/PolicyNatRule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update NAT Rule tags: - Policy - Networking - Network Services - NAT - Rules - Tier-1 Gateways x-vmw-nsx-module: PolicyNAT /infra/tier-1s/{tier-1-id}/nat/{nat-id}/nat-rules/{nat-rule-id}/statistics: get: consumes: - application/json description: | Get NAT Rule Statistics from Tier-1 denoted by Tier-1 ID, under NAT section denoted by <nat-id>. Under tier-1 there will be 3 different NATs(sections). (INTERNAL, USER and DEFAULT) For more details related to NAT section please refer to PolicyNAT schema. operationId: GetPolicyNatRuleStatisticsFromTier1 parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- NAT id in: path name: nat-id required: true type: string - description: |- Rule ID in: path name: nat-rule-id required: true type: string - description: Action on statistics enum: - aggregate in: query name: action required: false type: string - description: String Path of the Container Cluster entity in: query name: container_cluster_path required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyNatRuleStatisticsListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get NAT Rule Statistics tags: - Policy - Networking - Network Services - NAT - Statistics x-vmw-nsx-module: PolicyNAT /infra/tier-1s/{tier-1-id}/security-config: get: consumes: - application/json description: | Read Security Feature. operationId: ReadSecurityFeature parameters: - description: |- tier1 id in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Collection of T1 supported security features enum: - MALWAREPREVENTION - IDFW - IDPS - TLS in: query name: feature required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityFeatures' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Security Feature tags: - Policy - Security - North South Security - Gateway Firewall - Settings - Security Configuration x-vmw-nsx-module: PolicyGatewaySecurityFeature patch: consumes: - application/json description: | Create a security configuration if it is not already present, otherwise update the security onfiguration. operationId: PatchSecurityFeature parameters: - description: |- tier1 id in: path name: tier-1-id required: true type: string - in: body name: SecurityFeatures required: true schema: $ref: '#/definitions/SecurityFeatures' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityFeatures' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update security configuration tags: - Policy - Security - North South Security - Gateway Firewall - Settings - Security Configuration x-vmw-nsx-module: PolicyGatewaySecurityFeature put: consumes: - application/json description: | Create or update security configuration. operationId: CreateOrUpdateSecurityFeature parameters: - description: |- tier1 id in: path name: tier-1-id required: true type: string - in: body name: SecurityFeatures required: true schema: $ref: '#/definitions/SecurityFeatures' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SecurityFeatures' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update security configuration tags: - Policy - Security - North South Security - Gateway Firewall - Settings - Security Configuration x-vmw-nsx-module: PolicyGatewaySecurityFeature /infra/tier-1s/{tier-1-id}/segments: get: consumes: - application/json description: "Paginated list of all fixed segments (identified as /policy/api/v1/infra/tier-1s//segments/)\ \ under Tier-1 instance.\nThis API call does not return flexible segments\ \ (identified as /policy/api/v1/infra/segments/) connected to\ \ the Tier-1.\nTo return all segments connected as a downlink to a Tier-1\ \ one possibility is to use the search API with: https://{{nsx-mgr}}/policy/api/v1/search?query=resource_type:Segment%20AND%20connectivity_path:\u201C\ /infra/tier-1s/\nExtended Segment: Please note that old vpn path deprecated.\ \ If user specify old l2vpn path in the\n\"l2_extension\" object in the PUT/PATCH\ \ API payload, the path returned in the GET response payload may include the\ \ new path\ninstead of the deprecated l2vpn path. Both old and new l2vpn path\ \ refer to same resource. there is no functional impact.\nAlso note that l2vpn\ \ path included in the error messages returned from validation may include\ \ the new VPN path\ninstead of the deprecated l2vpn path. Both new path and\ \ old vpn path refer to same resource.\n" operationId: ListSegments parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Segment type enum: - DVPortgroup - ALL in: query name: segment_type type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Paginated list of all fixed segments (identified as /policy/api/v1/infra/tier-1s//segments/) under Tier-1 instance. tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/segments/state: get: consumes: - application/json description: | Returns all tier-1 segments with configuration state on the enforcement point specified in the request operationId: GetTier1SegmentsByState parameters: - in: path name: tier-1-id required: true type: string - description: Configuration state of the segment on enforcement point enum: - pending - in_progress - success - failed - partial_success - orphaned - unknown in: query name: configuration_state required: false type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentConfigurationStateListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segments by configuration state tags: - Policy - Networking - Connectivity - Segments - State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}: delete: consumes: - application/json description: |- Delete segment operationId: DeleteSegment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete segment tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Read segment Note: Extended Segment: Please note that old vpn path deprecated. If user specify old l2vpn path in the "l2_extension" object in the PUT/PATCH API payload, the path returned in the GET response payload may include the new path instead of the deprecated l2vpn path. Both old and new l2vpn path refer to same resource. there is no functional impact. Also note that l2vpn path included in the error messages returned from validation may include the new VPN path instead of the deprecated l2vpn path. Both new path and old vpn path refer to same resource. operationId: ReadSegment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Segment' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read segment tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If segment with the segment-id is not already present, create a new segment. If it already exists, update the segment with specified attributes. Note: Extended Segment: Please note that old vpn path deprecated. If user specify old l2vpn path in the "l2_extension" object in the PATCH API payload, the path returned in the GET response payload may include the new path instead of the deprecated l2vpn path. Both old and new l2vpn path refer to same resource. there is no functional impact. Also note that l2vpn path included in the Alarm, GPRR, error messages returned from validation may include the new VPN path instead of the deprecated l2vpn path. Both new path and old vpn path refer to same resource. operationId: PatchSegment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: body name: Segment required: true schema: $ref: '#/definitions/Segment' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a segment tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If segment with the segment-id is not already present, create a new segment. If it already exists, replace the segment with this object. Note: Extended Segment: Please note that old vpn path deprecated. If user specify old l2vpn path in the "l2_extension" object in the PUT API payload, the path returned in the PUT/GET response payload may include the new path instead of the deprecated l2vpn path. Both old and new l2vpn path refer to same resource. there is no functional impact. Also note that l2vpn path included in the Alarm, GPRR, error messages returned from validation may include the new VPN path instead of the deprecated l2vpn path. Both new path and old vpn path refer to same resource. operationId: CreateOrReplaceSegment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: body name: Segment required: true schema: $ref: '#/definitions/Segment' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Segment' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a segment tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/segments/{segment-id}/arp-proxy: get: consumes: - application/json description: | Returns ARP proxy table for downlink port on connected to the segment operationId: GetDownlinkPortArpProxiesForTier1Segment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get downlink port Address Resolution Protocol Proxies for tier-1 segment tags: - Policy - Networking - Connectivity - Segments x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/arp-proxy?format=csv: get: consumes: - application/json description: | Returns ARP proxy table for downlink port on connected to the segment in CSV operationId: GetDownlinkPortArpProxiesForTier1SegmentInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyArpProxyTableCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get downlink port Address Resolution Protocol Proxies for tier-1 segment in CSV tags: - Policy - Networking - Connectivity - Segments x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/arp-table: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) for the interface (downlink) attaching segment to tier-1 gateway, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GetSegmentInterfaceArpTable parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from segment interface (downlink) tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the interface (downlink) attaching segment to tier1 gateway, on a edge node specified in edge_path parameter. The edge_path parameter is mandatory. operationId: GetSegmentInterfaceArpTableCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from segment interface (downlink) in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/bep-statistics: get: consumes: - application/json description: | Get detailed information on Tier-1 segment bridge end point statistics using segment ID and profile path. operationId: Tier1SegmentBridgeEndpointStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Bridge profile path in: query name: bridge_profile_path required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BridgeEndpointStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment bridge end point statistics using segment ID and profile path. tags: - Policy - Networking - Connectivity - Segments - Bridge Endpoints - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/bep-status: get: consumes: - application/json description: | Get detailed information on Tier-1 segment bridge end point status using segment ID and profile path. operationId: Tier1SegmentBridgeEndpointStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Bridge profile path in: query name: bridge_profile_path required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/BridgeEndpointStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment bridge end point status using segment ID and profile path. tags: - Policy - Networking - Connectivity - Segments - Bridge Endpoints - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/dhcp-static-binding-configs: get: consumes: - application/json description: | Paginated list of all DHCP static binding instances operationId: ListSegmentDhcpStaticBinding parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List all DHCP static bindings tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings (Fixed) x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/segments/{segment-id}/dhcp-static-binding-configs/{binding-id}: delete: consumes: - application/json description: |- Delete DHCP static binding operationId: DeleteSegmentDhcpStaticBinding parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DHCP static binding tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings (Fixed) x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read DHCP static binding operationId: ReadSegmentDhcpStaticBinding parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP static binding tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings (Fixed) x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If binding with the binding-id is not already present, create a new DHCP static binding instance. If it already exists, replace the existing DHCP static binding instance with specified attributes. operationId: PatchSegmentDhcpStaticBinding parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string - in: body name: DhcpStaticBindingConfig required: true schema: $ref: '#/definitions/DhcpStaticBindingConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DHCP static binding tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings (Fixed) x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If binding with the binding-id is not already present, create a new DHCP static binding instance. If it already exists, replace the existing DHCP static binding instance with this object. operationId: CreateOrReplaceSegmentDhcpStaticBinding parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string - in: body name: DhcpStaticBindingConfig required: true schema: $ref: '#/definitions/DhcpStaticBindingConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update DHCP static binding tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings - Segments Bindings (Fixed) x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/segments/{segment-id}/dhcp-static-bindings/{binding-id}/state: get: consumes: - application/json description: |- Read DHCP static binding state operationId: ReadSegmentDhcpStaticBindingState parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/DhcpStaticBindingState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read DHCP static binding state tags: - Policy - Networking - IP Management - DHCP - DHCP Static Bindings x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/gateway-interface-arp-table: get: consumes: - application/json description: | This API is deprecated because it is duplicate. Please use /infra/tier-1s/<tier-1-id>/segments/<segment-id>/arp-table Segment ID is the ID of the segment that is connected to the the tier-1 operationId: GetDownlinkPortArpTableForTier1Segment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table for downlink router port on tier-1 router tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/gateway-interface-arp-table?format=csv: get: consumes: - application/json description: | This API is deprecated because it is duplicate. Please use /infra/tier-1s/<tier-1-id>/segments/<segment-id>/arp-table?format=csv Segment ID is the ID of the segment that is connected to the the tier-1 operationId: GetDownlinkPortArpTableForTier1SegmentInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table for downlink router port on tier-1 router in CSV tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/gateway-interface-dad-state: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-1 operationId: GetDownlinkPortDadStateForTier1Segment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceDADState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get DAD state for downlink router port on tier-1 router tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - DAD State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/gateway-interface-statistics: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-1 operationId: GetDownlinkPortStatisticsForTier1Segment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get statistics for downlink router port on tier-1 router tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/gateway-interface-statistics/summary: get: consumes: - application/json description: | Segment ID is the ID of the segment that is connected to the the tier-1 operationId: GetDownlinkPortStatisticsSummaryForTier1Segment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get statistics for downlink router port on tier-1 router tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/mac-table: get: consumes: - application/json description: | Returns MAC table for a segment operationId: GetTier1SegmentMacTable parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMacAddressListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment MAC table tags: - Policy - Networking - Connectivity - Segments - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/mac-table?format=csv: get: consumes: - application/json description: | Returns MAC table for a segment operationId: GetTier1SegmentMacTableInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/MacAddressCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment MAC table in CSV tags: - Policy - Networking - Connectivity - Segments - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports: get: consumes: - application/json description: | List all the ports for a Tier-1 segment. operationId: ListTier1SegmentPorts parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-1 segment ports tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}: delete: consumes: - application/json description: | Delete a Tier-1 segment port by giving ID. operationId: DeleteTier1SegmentPort parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a Tier-1 segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Get detail information on a Tier-1 segment port by giving ID. operationId: GetTier1SegmentPort parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPort' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier-1 segment port by ID tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | Create a Tier-1 segment port if it does not exist based on the IDs, or update existing port information by replacing the port object fields which presents in the request body. operationId: PatchTier1SegmentPort parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - in: body name: SegmentPort required: true schema: $ref: '#/definitions/SegmentPort' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch a Tier-1 segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | Create a Tier-1 segment port if it does not exist based on the IDs, or update existing port information by replacing the port object already exists. operationId: CreateOrReplaceTier1SegmentPort parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - in: body name: SegmentPort required: true schema: $ref: '#/definitions/SegmentPort' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPort' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-1 segment port tags: - Policy - Networking - Connectivity - Segments - Ports x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/mac-table: get: consumes: - application/json description: | Returns MAC table for a segment port operationId: GetTier1SegmentPortMacTable parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortMacAddressListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get MAC table for tier-1 segment port tags: - Policy - Networking - Connectivity - Segments - Ports - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/mac-table?format=csv: get: consumes: - application/json description: | Returns MAC table for a segment port operationId: GetTier1SegmentPortMacTableInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortMacAddressCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment port MAC table in CSV tags: - Policy - Networking - Connectivity - Segments - Ports - MAC Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-discovery-profile-binding-maps: get: consumes: - application/json description: | API will list all Port Discovery Profile Binding Maps in current port id. operationId: ListPortDiscoveryBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port Discovery Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding ? /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-discovery-profile-binding-maps/{port-discovery-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Port Discovery Profile Binding Profile operationId: DeletePortDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port Discovery Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding get: consumes: - application/json description: | API will get Port Discovery Profile Binding Map operationId: GetPortDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding patch: consumes: - application/json description: |- API will create Port Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: PatchPortDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string - in: body name: PortDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding put: consumes: - application/json description: |- API will update Port Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: UpdatePortDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Discovery Profile Binding Map ID in: path name: port-discovery-profile-binding-map-id required: true type: string - in: body name: PortDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Port Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-monitoring-profile-binding-maps: get: consumes: - application/json description: | API will list all Port Monitoring Profile Binding Maps in current port id. operationId: ListPortMonitoringBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port Monitoring Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-monitoring-profile-binding-maps/{port-monitoring-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Port Monitoring Profile Binding Profile. operationId: DeletePortMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port Monitoring Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding get: consumes: - application/json description: | API will get Port Monitoring Profile Binding Map. operationId: GetPortMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding patch: consumes: - application/json description: |- API will create Port Monitoring Profile Binding Map. operationId: PatchPortMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string - in: body name: PortMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding put: consumes: - application/json description: |- API will update Port Monitoring Profile Binding Map. operationId: UpdatePortMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port Monitoring Profile Binding Map ID in: path name: port-monitoring-profile-binding-map-id required: true type: string - in: body name: PortMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-monitoring-profile-binding-maps/{port-monitoring-profile-binding-map-id}/mirror-stack-status : get: consumes: - application/json description: | API will get mirror stack status by Port Monitoring Profile Binding Map. operationId: GetPortMonitoringBindingMirrorStackStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - in: path name: port-monitoring-profile-binding-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Binding map path enforcemnt point path to remote L3 mirror session in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MirrorStackStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get mirror stack status for Port Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-qos-profile-binding-maps: get: consumes: - application/json description: | API will list all Port QoS Profile Binding Maps in current port id. operationId: ListPortQoSBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Port QoS Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding ? /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-qos-profile-binding-maps/{port-qos-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Port QoS Profile Binding Profile. operationId: DeletePortQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Port QoS Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding get: consumes: - application/json description: | API will get Port QoS Profile Binding Map. operationId: GetPortQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding patch: consumes: - application/json description: |- API will create Port QoS Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: PatchPortQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string - in: body name: PortQoSProfileBindingMap required: true schema: $ref: '#/definitions/PortQoSProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding put: consumes: - application/json description: |- API will update Port QoS Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: UpdatePortQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Port ID in: path name: port-id required: true type: string - description: |- Port QoS Profile Binding Map ID in: path name: port-qos-profile-binding-map-id required: true type: string - in: body name: PortQoSProfileBindingMap required: true schema: $ref: '#/definitions/PortQoSProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Port QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-security-profile-binding-maps: get: consumes: - application/json description: | API will list all port security profile binding maps. operationId: ListPortSecurityProfileBindings parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List port security profile binding maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding ? /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/port-security-profile-binding-maps/{port-security-profile-binding-map-id} : delete: consumes: - application/json description: | API will delete the port security profile binding map. operationId: DeletePortSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete the port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding get: consumes: - application/json description: | API will return details of the port security profile binding map. If the security profile binding map does not exist, it will return 404. operationId: GetPortSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding patch: consumes: - application/json description: | Create a new port security profile binding map if the given security profile binding map does not exist. Otherwise, patch the existing port security profile binding map. For objects with no binding maps, default profile is applied. operationId: PatchPortSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string - in: body name: PortSecurityProfileBindingMap required: true schema: $ref: '#/definitions/PortSecurityProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding put: consumes: - application/json description: | API will create or replace the port security profile binding map. For objects with no binding maps, default profile is applied. operationId: CreateOrUpdatePortSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- port id in: path name: port-id required: true type: string - description: |- port security profile binding map id in: path name: port-security-profile-binding-map-id required: true type: string - in: body name: PortSecurityProfileBindingMap required: true schema: $ref: '#/definitions/PortSecurityProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PortSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace the port security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /infra/tier-1s/{tier-1-id}/segments/{segment-id}/ports/{port-id}/state: get: consumes: - application/json description: | Returns tier-1 segment port state on enforcement point operationId: GetTier1SegmentPortState parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: port-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment port state tags: - Policy - Networking - Connectivity - Segments - Ports - State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-discovery-profile-binding-maps: get: consumes: - application/json description: | API will list all Segment Discovery Profile Binding Maps in current segment id. operationId: ListSegmentDiscoveryBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Segment Discovery Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding ? /infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-discovery-profile-binding-maps/{segment-discovery-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Segment Discovery Profile Binding Profile operationId: DeleteSegmentDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment Discovery Profile Binding Map ID in: path name: segment-discovery-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Segment Discovery Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding get: consumes: - application/json description: | API will get Segment Discovery Profile Binding Map operationId: GetSegmentDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment Discovery Profile Binding Map ID in: path name: segment-discovery-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Segment Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding patch: consumes: - application/json description: |- API will create Segment Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: PatchSegmentDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment Discovery Profile Binding Map ID in: path name: segment-discovery-profile-binding-map-id required: true type: string - in: body name: SegmentDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Segment Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding put: consumes: - application/json description: |- API will update Segment Discovery Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: UpdateSegmentDiscoveryBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment Discovery Profile Binding Map ID in: path name: segment-discovery-profile-binding-map-id required: true type: string - in: body name: SegmentDiscoveryProfileBindingMap required: true schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Segment Discovery Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Discovery Profile Binding x-vmw-nsx-module: PolicyDiscoveryProfileBinding /infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-monitoring-profile-binding-maps: get: consumes: - application/json description: | API will list all Segment Monitoring Profile Binding Maps in current segment id. operationId: ListSegmentMonitoringBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Segment Monitoring Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-monitoring-profile-binding-maps/{segment-monitoring-profile-binding-map-id} : delete: consumes: - application/json description: |- API will delete Segment Monitoring Profile Binding Profile. operationId: DeleteSegmentMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment Monitoring Profile Binding Map ID in: path name: segment-monitoring-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Segment Monitoring Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding get: consumes: - application/json description: | API will get Segment Monitoring Profile Binding Map. operationId: GetSegmentMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment Monitoring Profile Binding Map ID in: path name: segment-monitoring-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding patch: consumes: - application/json description: |- API will create segment monitoring profile binding map. operationId: PatchSegmentMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment Monitoring Profile Binding Map ID in: path name: segment-monitoring-profile-binding-map-id required: true type: string - in: body name: SegmentMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding put: consumes: - application/json description: |- API will update Segment Monitoring Profile Binding Map. operationId: UpdateSegmentMonitoringBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment Monitoring Profile Binding Map ID in: path name: segment-monitoring-profile-binding-map-id required: true type: string - in: body name: SegmentMonitoringProfileBindingMap required: true schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding ? /infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-monitoring-profile-binding-maps/{segment-monitoring-profile-binding-map-id}/mirror-stack-status : get: consumes: - application/json description: | API will get mirror stack status by Segment Monitoring Profile Binding Map. operationId: GetSegmentMonitoringBindingMirrorStackStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: path name: segment-monitoring-profile-binding-map-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Binding map path enforcemnt point path to remote L3 mirror session in: query name: enforcement_point_path required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MirrorStackStatusListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get mirror stack status for Segment Monitoring Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Monitoring Profile Binding x-vmw-nsx-module: PolicyMonitoringProfileBinding /infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-qos-profile-binding-maps: get: consumes: - application/json description: | API will list all Segment QoS Profile Binding Maps in current segment id. operationId: ListSegmentQoSBindings parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentQoSProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Segment QoS Profile Binding Maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-qos-profile-binding-maps/{segment-qos-profile-binding-map-id}: delete: consumes: - application/json description: |- API will delete Segment QoS Profile Binding Profile. operationId: DeleteSegmentQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment QoS Profile Binding Map ID in: path name: segment-qos-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Segment QoS Profile Binding Profile tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding get: consumes: - application/json description: | API will get Segment QoS Profile Binding Map. operationId: GetSegmentQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment QoS Profile Binding Map ID in: path name: segment-qos-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Segment QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding patch: consumes: - application/json description: |- API will create segment QoS profile binding map. For objects with no binding maps, default profile is applied. operationId: PatchSegmentQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment QoS Profile Binding Map ID in: path name: segment-qos-profile-binding-map-id required: true type: string - in: body name: SegmentQoSProfileBindingMap required: true schema: $ref: '#/definitions/SegmentQoSProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Segment QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding put: consumes: - application/json description: |- API will update Segment QoS Profile Binding Map. For objects with no binding maps, default profile is applied. operationId: UpdateSegmentQoSBinding parameters: - description: |- Tier-1 ID in: path name: tier-1-id required: true type: string - description: |- Segment ID in: path name: segment-id required: true type: string - description: |- Segment QoS Profile Binding Map ID in: path name: segment-qos-profile-binding-map-id required: true type: string - in: body name: SegmentQoSProfileBindingMap required: true schema: $ref: '#/definitions/SegmentQoSProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentQoSProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Segment QoS Profile Binding Map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - QOS Profile Binding x-vmw-nsx-module: PolicyQoSProfileBinding /infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-security-profile-binding-maps: get: consumes: - application/json description: | API will list all segment security profile binding maps. operationId: ListSegmentSecurityProfileBindings parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileBindingMapListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List segment security profile binding maps tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding ? /infra/tier-1s/{tier-1-id}/segments/{segment-id}/segment-security-profile-binding-maps/{segment-security-profile-binding-map-id} : delete: consumes: - application/json description: | API will delete segment security profile binding map. operationId: DeleteSegmentSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- segment security profile binding map id in: path name: segment-security-profile-binding-map-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete segment security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding get: consumes: - application/json description: | API will return details of the segment security profile binding map. If the binding map does not exist, it will return 404. operationId: GetSegmentSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- segment security profile binding map id in: path name: segment-security-profile-binding-map-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding patch: consumes: - application/json description: | Create a new segment security profile binding map if the given security profile binding map does not exist. Otherwise, patch the existing segment security profile binding map. For objects with no binding maps, default profile is applied. operationId: PatchSegmentSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- segment security profile binding map id in: path name: segment-security-profile-binding-map-id required: true type: string - in: body name: SegmentSecurityProfileBindingMap required: true schema: $ref: '#/definitions/SegmentSecurityProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Patch segment security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding put: consumes: - application/json description: | API will create or replace segment security profile binding map. For objects with no binding maps, default profile is applied. operationId: CreateOrUpdateSegmentSecurityProfileBinding parameters: - description: |- tier-1 gateway id in: path name: tier-1-id required: true type: string - description: |- segment id in: path name: segment-id required: true type: string - description: |- segment security profile binding map id in: path name: segment-security-profile-binding-map-id required: true type: string - in: body name: SegmentSecurityProfileBindingMap required: true schema: $ref: '#/definitions/SegmentSecurityProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentSecurityProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or replace segment security profile binding map tags: - Policy - Networking - Connectivity - Segments - Segment Profiles - Segment Security Profile Binding x-vmw-nsx-module: PolicySecurityProfileBinding /infra/tier-1s/{tier-1-id}/segments/{segment-id}/static-arp: delete: consumes: - application/json description: |- Delete static ARP config operationId: DeleteStaticARPConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete static ARP config tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read static ARP config operationId: ReadStaticARPConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticARPConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read static ARP config tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | Create static ARP config with Tier-1 and segment IDs provided if it doesn't exist, update with provided config if it's already created. operationId: PatchStaticARPConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: body name: StaticARPConfig required: true schema: $ref: '#/definitions/StaticARPConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a static ARP config tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | Create static ARP config with Tier-1 and segment IDs provided if it doesn't exist, update with provided config if it's already created. operationId: CreateOrReplaceStaticARPConfig parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - in: body name: StaticARPConfig required: true schema: $ref: '#/definitions/StaticARPConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticARPConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a static ARP config tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/segments/{segment-id}/tep-table: get: consumes: - application/json description: | Returns TEP table for a segment operationId: GetTier1SegmentTepTable parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTepListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment TEP table tags: - Policy - Networking - Connectivity - Segments - TEP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}/tep-table?format=csv: get: consumes: - application/json description: | Returns TEP table for a segment in CSV operationId: GetTier1SegmentTepTableInCsv parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - description: Data source type. enum: - realtime - cached in: query name: source required: false type: string - description: TransportNode Id in: query name: transport_node_id required: false type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/PolicyTepCsvListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment TEP table in CSV tags: - Policy - Networking - Connectivity - Segments - TEP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segment-id}?force=true: delete: consumes: - application/json description: | Force delete bypasses validations during segment deletion. This may result in an inconsistent connectivity. operationId: ForceDeleteSegment parameters: - in: path name: tier-1-id required: true type: string - in: path name: segment-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Force delete segment tags: - Policy - Networking - Connectivity - Segments - Segments (Fixed) x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/segments/{segments-id}/ports/{port-id}/statistics: get: consumes: - application/json description: | Get tier-1 segment port statistics information. operationId: GetSegmentPortStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: segments-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 segment port statistics information tags: - Policy - Networking - Connectivity - Segments - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segments-id}/ports/{port-id}/status: get: consumes: - application/json description: | Get tier1 segment port status information. operationId: GetSegmentPortStatus parameters: - in: path name: tier-1-id required: true type: string - in: path name: segments-id required: true type: string - in: path name: port-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentPortStatus' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment port status information tags: - Policy - Networking - Connectivity - Segments - Status x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segments-id}/state: get: consumes: - application/json description: | Get tier1 segment state information. operationId: GetSegmentState parameters: - in: path name: tier-1-id required: true type: string - in: path name: segments-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentConfigurationState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment state information tags: - Policy - Networking - Connectivity - Segments - State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/segments/{segments-id}/statistics: get: consumes: - application/json description: | Get tier1 segment statistics information. operationId: GetSegmentStatistics parameters: - in: path name: tier-1-id required: true type: string - in: path name: segments-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SegmentStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get segment statistics information tags: - Policy - Networking - Connectivity - Segments - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/state: get: consumes: - application/json description: | Returns operationId: GetTier1State parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - description: Interface path for interface specific state such as IPv6 DAD state in: query name: interface_path type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Returns specific information based on the value specified. enum: - GATEWAY_STATE - GATEWAY_STATUS - IPV6_STATUS in: query name: type type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Tier1GatewayState' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tier1 state tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - State x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/static-routes: get: consumes: - application/json description: | Paginated list of all Tier-1 Static Routes operationId: ListTier1StaticRoutes parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutesListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Tier-1 Static Routes tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/static-routes/{route-id}: delete: consumes: - application/json description: |- Delete Tier-1 static routes operationId: DeleteTier1StaticRoutes parameters: - in: path name: tier-1-id required: true type: string - in: path name: route-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Tier-1 static routes tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: |- Read Tier-1 static routes operationId: ReadTier1StaticRoutes parameters: - in: path name: tier-1-id required: true type: string - in: path name: route-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutes' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Tier-1 static routes tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If static routes for route-id are not already present, create static routes. If it already exists, update static routes for route-id. operationId: PatchTier1StaticRoutes parameters: - in: path name: tier-1-id required: true type: string - in: path name: route-id required: true type: string - in: body name: StaticRoutes required: true schema: $ref: '#/definitions/StaticRoutes' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-1 static routes tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If static routes for route-id are not already present, create static routes. If it already exists, replace the static routes for route-id. operationId: CreateOrReplaceTier1StaticRoutes parameters: - in: path name: tier-1-id required: true type: string - in: path name: route-id required: true type: string - in: body name: StaticRoutes required: true schema: $ref: '#/definitions/StaticRoutes' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/StaticRoutes' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a Tier-1 static routes tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Routing - Static Routes x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier-1-id}/tier-0-interface/arp-table: get: consumes: - application/json description: | Get tier-1 interface arp information. operationId: GetTier1RouterLinkArpTable parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTable' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 router link arp information tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/tier-0-interface/arp-table?format=csv: get: consumes: - application/json description: | Returns ARP table (IPv4) or Neighbor Discovery table (IPv6) in CSV format for the tier-1 router link interface. operationId: GetTier1RouterLinkArpTableCsv parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Policy path of host transport node in: query name: host_transport_node_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - text/csv responses: '200': description: OK schema: $ref: '#/definitions/InterfaceArpTableInCsvFormat' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get ARP table from tier-1 router link interface in CSV format tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - ARP Table x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/tier-0-interface/statistics: get: consumes: - application/json description: | Get tier-0 interface statistics information. operationId: GetTier1RouterLinkStatistics parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Policy path of edge node in: query name: edge_path type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatistics' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 router link statistics information tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/tier-0-interface/statistics/summary: get: consumes: - application/json description: | Get tier-1 interface statistics summary information. operationId: GetTier1RouterLinkSummaryStatistics parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Enforcement point path in: query name: enforcement_point_path type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyInterfaceStatisticsSummary' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get tier-1 router link statistics summary information tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Interfaces - Statistics x-vmw-nsx-module: PolicyConnectivityStatistics /infra/tier-1s/{tier-1-id}/tls-inspection-state: get: consumes: - application/json description: | TLS inspection execution state details for the tier1 operationId: ListTlsState parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: true description: TLS inspection failed domain filter in: query name: failed_domains required: false type: boolean - description: Fully Qualified Domain Name in: query name: fqdn required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsStateObjectListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- TLS inspection execution state details for the tier1 tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls State x-vmw-nsx-module: PolicyTlsState /infra/tier-1s/{tier-1-id}/tls-inspection-state/fqdns: get: consumes: - application/json description: | TLS inspection execution state fqdn details for the tier1 operationId: ListTlsStateFqdns parameters: - in: path name: tier-1-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: true description: TLS inspection failed domain filter in: query name: failed_domains required: false type: boolean - description: Fully Qualified Domain Name in: query name: fqdn required: false type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsStateObjectListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- TLS inspection execution state fqdn details for the tier1 tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls State x-vmw-nsx-module: PolicyTlsState /infra/tier-1s/{tier-1-id}/tls-inspection-state/fqdns/{fqdn-id}: get: consumes: - application/json description: |- Get TLS inspection FQDN state operationId: GetTlsStateFqdn parameters: - in: path name: tier-1-id required: true type: string - in: path name: fqdn-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsStateObject' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get TLS inspection FQDN state tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls State x-vmw-nsx-module: PolicyTlsState /infra/tier-1s/{tier-1-id}?action=reprocess: post: consumes: - application/json description: | Reprocess Tier1 gateway configuration and configuration of related entities like Tier1 interfaces and static routes, etc. Any missing Updates are published to NSX controller. operationId: Tier1GatewayReprocess parameters: - in: path name: tier-1-id required: true type: string - description: String Path of the enforcement point in: query name: enforcement_point_path type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Reprocess Tier1 gateway configuration and publish updates to NSX controller tags: - Policy - Networking - Connectivity - Tier-1 Gateways - Tier-1 Gateways x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier1-id}/flood-protection-profile-bindings/{flood-protection-profile-binding-id}: delete: consumes: - application/json description: |- API will delete Flood Protection Profile Binding for Tier-1 Logical Router. operationId: DeleteTier1FloodProtectionProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Flood Protection Profile Binding for Tier-1 Logical Router tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding get: consumes: - application/json description: | API will get Flood Protection Profile Binding Map for Tier-1 Logical Router. operationId: GetTier1FloodProtectionProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Flood Protection Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding patch: consumes: - application/json description: |- API will create or update Flood Protection profile binding map for Tier-1 Logical Router. operationId: PatchTier1FloodProtectionProfileBindingMap parameters: - in: path name: tier1-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string - in: body name: FloodProtectionProfileBindingMap required: true schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Flood Protection Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding put: consumes: - application/json description: |- API will create or update Flood Protection profile binding map for Tier-1 Logical Router. operationId: UpdateTier1FloodProtectionProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string - in: body name: FloodProtectionProfileBindingMap required: true schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Flood Protection Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding ? /infra/tier-1s/{tier1-id}/locale-services/{locale-services-id}/flood-protection-profile-bindings/{flood-protection-profile-binding-id} : delete: consumes: - application/json description: |- API will delete Flood Protection Profile Binding for Tier-1 Logical Router LocaleServices. operationId: DeleteTier1LocaleServicesFloodProtectionProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Flood Protection Profile Binding for Tier-1 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding get: consumes: - application/json description: | API will get Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices. operationId: GetTier1LocaleServicesFloodProtectionProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding patch: consumes: - application/json description: |- API will create or update Flood Protection profile binding map for Tier-1 Logical Router LocaleServices. operationId: PatchTier1LocaleServicesFloodProtectionProfileBindingMap parameters: - in: path name: tier1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string - in: body name: FloodProtectionProfileBindingMap required: true schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding put: consumes: - application/json description: |- API will create or update Flood Protection profile binding map for Tier-1 Logical Router LocaleServices. operationId: UpdateTier1LocaleServicesFloodProtectionProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: flood-protection-profile-binding-id required: true type: string - in: body name: FloodProtectionProfileBindingMap required: true schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/FloodProtectionProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Flood Protection Profile Binding Map for Tier-1 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Flood Protection Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding ? /infra/tier-1s/{tier1-id}/locale-services/{locale-services-id}/session-timer-profile-bindings/{session-timer-profile-binding-id} : delete: consumes: - application/json description: |- API will delete Session Timer Profile Binding for Tier-1 Logical Router LocaleServices. operationId: DeleteTier1LocaleServicesSessionTimerProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Session Timer Profile Binding for Tier-1 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding get: consumes: - application/json description: | API will get Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices. operationId: GetTier1LocaleServicesSessionTimerProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding patch: consumes: - application/json description: |- API will create or update Session Timer profile binding map for Tier-1 Logical Router LocaleServices. operationId: PatchTier1LocaleServicesSessionTimerProfileBindingMap parameters: - in: path name: tier1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string - in: body name: SessionTimerProfileBindingMap required: true schema: $ref: '#/definitions/SessionTimerProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding put: consumes: - application/json description: |- API will create or update Session Timer profile binding map for Tier-1 Logical Router LocaleServices. operationId: UpdateTier1LocaleServicesSessionTimerProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: locale-services-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string - in: body name: SessionTimerProfileBindingMap required: true schema: $ref: '#/definitions/SessionTimerProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Session Timer Profile Binding Map for Tier-1 Logical Router LocaleServices tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding /infra/tier-1s/{tier1-id}/segments/{segment-id}?action=delete_dhcp_leases: post: consumes: - application/json description: | Delete one or multiple DHCP lease(s) specified by IP and MAC under a Tier-1. If there is a DHCP server running upon the given segment, or this segment is using a DHCP server running in its connected Tier-1, the DHCP lease(s) which match exactly the IP address and the MAC address will be deleted. If no such lease matches, the deletion for this lease will be ignored. The DHCP lease to be deleted will be removed by the system from both active and standby node. The system will report error if the DHCP lease could not be removed from both nodes. If the DHCP lease could not be removed on either node, please check the DHCP server status. Once the DHCP server status is UP, please invoke the deletion API again to ensure the lease gets deleted from both nodes. operationId: DeleteDhcpLeaseUnderTier1 parameters: - in: path name: tier1-id required: true type: string - in: path name: segment-id required: true type: string - in: body name: DhcpDeleteLeases required: true schema: $ref: '#/definitions/DhcpDeleteLeases' - description: Enforcement point path in: query name: enforcement_point_path type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete DHCP lease(s) specified by IP and MAC tags: - Policy - Networking - IP Management - DHCP - DHCP Leases x-vmw-nsx-module: PolicyConnectivity /infra/tier-1s/{tier1-id}/session-timer-profile-bindings/{session-timer-profile-binding-id}: delete: consumes: - application/json description: |- API will delete Session Timer Profile Binding for Tier-1 Logical Router. operationId: DeleteTier1SessionTimerProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Session Timer Profile Binding for Tier-1 Logical Router tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding get: consumes: - application/json description: | API will get Session Timer Profile Binding Map for Tier-1 Logical Router. operationId: GetTier1SessionTimerProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Session Timer Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding patch: consumes: - application/json description: |- API will create or update Session Timer profile binding map for Tier-1 Logical Router. operationId: PatchTier1SessionTimerProfileBindingMap parameters: - in: path name: tier1-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string - in: body name: SessionTimerProfileBindingMap required: true schema: $ref: '#/definitions/SessionTimerProfileBindingMap' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Session Timer Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding put: consumes: - application/json description: |- API will create or update Session Timer profile binding map for Tier-1 Logical Router. operationId: UpdateTier1SessionTimerProfileBinding parameters: - in: path name: tier1-id required: true type: string - in: path name: session-timer-profile-binding-id required: true type: string - in: body name: SessionTimerProfileBindingMap required: true schema: $ref: '#/definitions/SessionTimerProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SessionTimerProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update Session Timer Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - Security Profiles - Session Timer Profile Binding x-vmw-nsx-module: PolicyGatewayProfileBinding /infra/tier-1s/{tier1-id}/tls-inspection-config-profile-bindings/{tls-inspection-config-profile-binding-id}: delete: consumes: - application/json description: |- API will delete TLS Config Profile Binding for Tier-1 Logical Router. operationId: DeleteTier1TlsConfigProfileBindingMap parameters: - in: path name: tier1-id required: true type: string - in: path name: tls-inspection-config-profile-binding-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete TLS Config Profile Binding for Tier-1 Logical Router tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyGatewayProfileBinding get: consumes: - application/json description: | API will get TLS Config Profile Binding Map for Tier-1 Logical Router. operationId: GetTier1TlsConfigProfileBindingMap parameters: - in: path name: tier1-id required: true type: string - in: path name: tls-inspection-config-profile-binding-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsConfigProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get TLS Config Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyGatewayProfileBinding patch: consumes: - application/json description: |- API will create or update TLS Config profile binding map for Tier-1 Logical Router. operationId: PatchTier1TlsConfigProfileBindingMap parameters: - in: path name: tier1-id required: true type: string - in: path name: tls-inspection-config-profile-binding-id required: true type: string - in: body name: TlsConfigProfileBindingMap required: true schema: $ref: '#/definitions/TlsConfigProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsConfigProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update TLS Config Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyGatewayProfileBinding put: consumes: - application/json description: |- API will create or update TLS Config profile binding map for Tier-1 Logical Router. operationId: UpdateTier1TlsConfigProfileBindingMap parameters: - in: path name: tier1-id required: true type: string - in: path name: tls-inspection-config-profile-binding-id required: true type: string - in: body name: TlsConfigProfileBindingMap required: true schema: $ref: '#/definitions/TlsConfigProfileBindingMap' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsConfigProfileBindingMap' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update TLS Config Profile Binding Map for Tier-1 Logical Router tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Config x-vmw-nsx-module: PolicyGatewayProfileBinding /infra/tls-inspection-action-profiles: get: consumes: - application/json description: | List all the Tls profiles available by requested resource_type. operationId: ListTlsProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Tls profiles available. tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Profiles x-vmw-nsx-module: PolicyTlsActionProfile /infra/tls-inspection-action-profiles/{action-profile-id}: delete: consumes: - application/json description: | Deletes a Tls profile. operationId: DeleteTlsProfile parameters: - in: path name: action-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete a Tls profile. tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Profiles x-vmw-nsx-module: PolicyTlsActionProfile get: consumes: - application/json description: | Return Tls profile. operationId: GetTlsProfile parameters: - in: path name: action-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get TLS profile with id. tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Profiles x-vmw-nsx-module: PolicyTlsActionProfile patch: consumes: - application/json description: | Create a Tls profile with values provided. It creates profile based on the resource_type in the payload. Each action profile supports the following 3 pre-defined config setting defaults: Balanced, High Fidelity and High Security. 1 - External Profile Balanced (default) Sample intent path: /infra/tls-inspection-action-profiles/external-balanced-profile API payload: 
        {
            "tls_config_setting": "BALANCED",
            "resource_type": "TlsInspectionExternalProfile",
            "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
            "proxy_untrusted_ca_cert": "/infra/certificates/caCert2"
        }
Profile with default settings: 
        {
            "tls_config_setting": "BALANCED",
            "invalid_cert_action": "ALLOW",
            "decryption_fail_action": "BYPASS",
            "crypto_enforcement": "ENFORCE",
            "client_min_tls_version": "TLS_V1_1",
            "client_max_tls_version": "TLS_V1_2",
            "server_min_tls_version": "TLS_V1_1",
            "server_max_tls_version": "TLS_V1_2",
            "client_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
                "TLS_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_RSA_WITH_AES_256_CBC_SHA256"
            ],
            "server_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
                "TLS_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_RSA_WITH_AES_256_CBC_SHA256"
            ],
            "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
            "proxy_untrusted_ca_cert": "/infra/certificates/caCert2",
            "ocsp_must_staple": false,
            "resource_type": "TlsInspectionExternalProfile",
            "id": "external-balanced-profile",
            "display_name": "external-balanced-profile",
            "path": "/infra/tls-inspection-action-profiles/external-balanced-profile",
            "relative_path": "external-balanced-profile",
            "parent_path": "/infra",
            "unique_id": "bb236080-e49d-4475-9eb3-b749b075164a",
            "marked_for_delete": false,
            "overridden": false,
            "trusted_ca_bundles": [
                "/infra/cabundles/default_trusted_public_ca_bundle"
            ],
            "crls": [
                "/infra/crls/nsx_default_public_crl"
            ],
            "idle_connection_timeout": 5400,
            "_system_owned": false,
            "_protection": "NOT_PROTECTED",
            "_create_user": "admin",
            "_create_time": 1622225641015,
            "_last_modified_user": "admin",
            "_last_modified_time": 1622225641015,
            "_revision": 0
        }
2 - External Profile High Fidelity Sample intent path: /infra/tls-inspection-action-profiles/external-high-fidelity-profile Sample intent path: 
        {
            "tls_config_setting": "HIGH_FIDELITY",
            "resource_type": "TlsInspectionExternalProfile",
            "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
            "proxy_untrusted_ca_cert": "/infra/certificates/caCert2"
        }
Profile with default settings: 
        {
            "tls_config_setting": "HIGH_FIDELITY",
            "invalid_cert_action": "ALLOW",
            "decryption_fail_action": "BYPASS",
            "crypto_enforcement": "TRANSPARENT",
            "client_min_tls_version": "",
            "client_max_tls_version": "",
            "server_min_tls_version": "",
            "server_max_tls_version": "",
            "client_cipher_suite": [],
            "server_cipher_suite": [],
            "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
            "proxy_untrusted_ca_cert": "/infra/certificates/caCert2",
            "ocsp_must_staple": false,
            "resource_type": "TlsInspectionExternalProfile",
            "id": "external-high-fidelity-profile",
            "display_name": "external-high-fidelity-profile",
            "path": "/infra/tls-inspection-action-profiles/external-high-fidelity-profile",
            "relative_path": "external-high-fidelity-profile",
            "parent_path": "/infra",
            "unique_id": "bb6c8604-c8eb-44dd-aded-7407e0ca887c",
            "marked_for_delete": false,
            "overridden": false,
            "trusted_ca_bundles": [
                "/infra/cabundles/default_trusted_public_ca_bundle"
            ],
            "crls": [
                "/infra/crls/nsx_default_public_crl"
            ],
            "idle_connection_timeout": 5400,
            "_system_owned": false,
            "_protection": "NOT_PROTECTED",
            "_create_user": "admin",
            "_create_time": 1622225537386,
            "_last_modified_user": "admin",
            "_last_modified_time": 1622225537386,
            "_revision": 0
        }
3 - External Profile High Security Sample intent path:/infra/tls-inspection-action-profiles/external-high-security-profile Sample intent path: 
        {
            "tls_config_setting": "HIGH_SECURITY",
            "resource_type": "TlsInspectionExternalProfile",
            "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
            "proxy_untrusted_ca_cert": "/infra/certificates/caCert2"
        }
Profile with default settings: 
        {
           "tls_config_setting": "HIGH_SECURITY",
           "invalid_cert_action": "BLOCK",
           "decryption_fail_action": "BLOCK",
           "crypto_enforcement": "ENFORCE",
           "client_min_tls_version": "TLS_V1_2",
           "client_max_tls_version": "TLS_V1_2",
           "server_min_tls_version": "TLS_V1_2",
           "server_max_tls_version": "TLS_V1_2",
           "client_cipher_suite": [
               "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
               "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
           ],
           "server_cipher_suite": [
               "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
               "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
           ],
           "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
           "proxy_untrusted_ca_cert": "/infra/certificates/caCert2",
           "ocsp_must_staple": false,
           "resource_type": "TlsInspectionExternalProfile",
           "id": "external-high-security-profile",
           "display_name": "external-high-security-profile",
           "path": "/infra/tls-inspection-action-profiles/external-high-security-profile",
           "relative_path": "external-high-security-profile",
           "parent_path": "/infra",
           "unique_id": "e19cbc40-c679-4f32-9e40-aa5eedf7f254",
           "marked_for_delete": false,
           "overridden": false,
           "trusted_ca_bundles": [
               "/infra/cabundles/default_trusted_public_ca_bundle"
           ],
           "crls": [
               "/infra/crls/nsx_default_public_crl"
           ],
           "idle_connection_timeout": 5400,
           "_system_owned": false,
           "_protection": "NOT_PROTECTED",
           "_create_user": "admin",
           "_create_time": 1622141786963,
           "_last_modified_user": "admin",
           "_last_modified_time": 1622225387352,
           "_revision": 4
        }
4 - Internal Profile Balanced Sample intent path:/infra/tls-inspection-action-profiles/internal-balanced-profile Sample intent path: 
        {
            "tls_config_setting": "BALANCED",
            "resource_type": "TlsInspectionInternalProfile",
            "server_certs_key": ["/infra/certificates/server-cert-1"],
            "default_cert_key": "/infra/certificates/server-cert-1"
        }
Profile with default settings: 
        {
            "tls_config_setting": "BALANCED",
            "decryption_fail_action": "BYPASS",
            "crypto_enforcement": "ENFORCE",
            "client_min_tls_version": "TLS_V1_1",
            "client_max_tls_version": "TLS_V1_2",
            "server_min_tls_version": "TLS_V1_1",
            "server_max_tls_version": "TLS_V1_2",
            "client_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
                "TLS_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_RSA_WITH_AES_256_CBC_SHA256"
            ],
            "server_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
                "TLS_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_RSA_WITH_AES_256_CBC_SHA256"
            ],
            "server_certs_key": [
                "/infra/certificates/server-cert-1"
            ],
            "default_cert_key": "/infra/certificates/server-cert-1",
            "ocsp_must_staple": false,
            "certificate_validation": false,
            "resource_type": "TlsInspectionInternalProfile",
            "id": "internal-balanced-profile",
            "display_name": "internal-balanced-profile",
            "path": "/infra/tls-inspection-action-profiles/internal-balanced-profile",
            "relative_path": "internal-balanced-profile",
            "parent_path": "/infra",
            "unique_id": "b8486763-843a-4894-8dfd-5bceebb10cd3",
            "marked_for_delete": false,
            "overridden": false,
            "trusted_ca_bundles": [
                "/infra/cabundles/default_trusted_public_ca_bundle"
            ],
            "crls": [
                "/infra/crls/nsx_default_public_crl"
            ],
            "idle_connection_timeout": 5400,
            "_system_owned": false,
            "_protection": "NOT_PROTECTED",
            "_create_user": "admin",
            "_create_time": 1622071598527,
            "_last_modified_user": "admin",
            "_last_modified_time": 1622071598527,
            "_revision": 0
        }
5 - Internal Profile High Fidelity Sample intent path:/infra/tls-inspection-action-profiles/internal-high-fidelity-profile Sample intent path: 
        {
            "tls_config_setting": "HIGH_FIDELITY",
            "resource_type": "TlsInspectionInternalProfile",
            "server_certs_key": ["/infra/certificates/server-cert-1"],
            "default_cert_key": "/infra/certificates/server-cert-1"
        }
Profile with default settings: 
        {
            "tls_config_setting": "HIGH_FIDELITY",
            "decryption_fail_action": "BYPASS",
            "crypto_enforcement": "TRANSPARENT",
            "client_min_tls_version": "",
            "client_max_tls_version": "",
            "server_min_tls_version": "",
            "server_max_tls_version": "",
            "client_cipher_suite": [],
            "server_cipher_suite": [],
            "server_certs_key": [
                "/infra/certificates/server-cert-1"
            ],
            "default_cert_key": "/infra/certificates/server-cert-1",
            "ocsp_must_staple": false,
            "certificate_validation": false,
            "resource_type": "TlsInspectionInternalProfile",
            "id": "internal-high-fidelity-profile",
            "display_name": "internal-high-fidelity-profile",
            "path": "/infra/tls-inspection-action-profiles/internal-high-fidelity-profile",
            "relative_path": "internal-high-fidelity-profile",
            "parent_path": "/infra",
            "unique_id": "27609d17-e642-4a7a-b414-176b3f7eca8d",
            "marked_for_delete": false,
            "overridden": false,
            "trusted_ca_bundles": [
                "/infra/cabundles/default_trusted_public_ca_bundle"
            ],
            "crls": [
                "/infra/crls/nsx_default_public_crl"
            ],
            "idle_connection_timeout": 5400,
            "_system_owned": false,
            "_protection": "NOT_PROTECTED",
            "_create_user": "admin",
            "_create_time": 1622071452299,
            "_last_modified_user": "admin",
            "_last_modified_time": 1622071452299,
            "_revision": 0
        }
6 - Internal Profile High Security Sample intent path:/infra/tls-inspection-action-profiles/internal-high-security-profile Sample intent path: 
        {
            "tls_config_setting": "HIGH_SECURITY",
            "resource_type": "TlsInspectionInternalProfile",
            "server_certs_key": ["/infra/certificates/server-cert-1"],
            "default_cert_key": "/infra/certificates/server-cert-1"
        }
Profile with default settings: 
        {
            "tls_config_setting": "HIGH_SECURITY",
            "decryption_fail_action": "BLOCK",
            "crypto_enforcement": "ENFORCE",
            "client_min_tls_version": "TLS_V1_2",
            "client_max_tls_version": "TLS_V1_2",
            "server_min_tls_version": "TLS_V1_2",
            "server_max_tls_version": "TLS_V1_2",
            "client_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
            ],
            "server_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
            ],
            "server_certs_key": [
                "/infra/certificates/server-cert-1"
            ],
            "default_cert_key": "/infra/certificates/server-cert-1",
            "ocsp_must_staple": false,
            "certificate_validation": false,
            "resource_type": "TlsInspectionInternalProfile",
            "id": "internal-high-security-profile",
            "display_name": "internal-high-security-profile",
            "path": "/infra/tls-inspection-action-profiles/internal-high-security-profile",
            "relative_path": "internal-high-security-profile",
            "parent_path": "/infra",
            "unique_id": "52e3e7e8-718d-4eaf-a177-501f196c421a",
            "marked_for_delete": false,
            "overridden": false,
            "trusted_ca_bundles": [
                "/infra/cabundles/default_trusted_public_ca_bundle"
            ],
            "crls": [
                "/infra/crls/nsx_default_public_crl"
            ],
            "idle_connection_timeout": 5400,
            "_system_owned": false,
            "_protection": "NOT_PROTECTED",
            "_create_user": "admin",
            "_create_time": 1622071359539,
            "_last_modified_user": "admin",
            "_last_modified_time": 1622071359539,
            "_revision": 0
        }
operationId: PatchTlsProfile parameters: - in: path name: action-profile-id required: true type: string - in: body name: TlsProfile required: true schema: $ref: '#/definitions/TlsProfile' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/TlsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create a Tls profile. tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Profiles x-vmw-nsx-module: PolicyTlsActionProfile put: consumes: - application/json description: | Update user configurable properties of Tls profile. Each action profile supports the following 3 pre-defined config setting defaults: Balanced, High Fidelity and High Security. 1 - External Profile Balanced (default) Sample intent path: /infra/tls-inspection-action-profiles/external-balanced-profile API payload: 
        {
            "tls_config_setting": "BALANCED",
            "resource_type": "TlsInspectionExternalProfile",
            "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
            "proxy_untrusted_ca_cert": "/infra/certificates/caCert2"
        }
Profile with default settings: 
        {
            "tls_config_setting": "BALANCED",
            "invalid_cert_action": "ALLOW",
            "decryption_fail_action": "BYPASS",
            "crypto_enforcement": "ENFORCE",
            "client_min_tls_version": "TLS_V1_1",
            "client_max_tls_version": "TLS_V1_2",
            "server_min_tls_version": "TLS_V1_1",
            "server_max_tls_version": "TLS_V1_2",
            "client_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
                "TLS_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_RSA_WITH_AES_256_CBC_SHA256"
            ],
            "server_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
                "TLS_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_RSA_WITH_AES_256_CBC_SHA256"
            ],
            "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
            "proxy_untrusted_ca_cert": "/infra/certificates/caCert2",
            "ocsp_must_staple": false,
            "resource_type": "TlsInspectionExternalProfile",
            "id": "external-balanced-profile",
            "display_name": "external-balanced-profile",
            "path": "/infra/tls-inspection-action-profiles/external-balanced-profile",
            "relative_path": "external-balanced-profile",
            "parent_path": "/infra",
            "unique_id": "bb236080-e49d-4475-9eb3-b749b075164a",
            "marked_for_delete": false,
            "overridden": false,
            "trusted_ca_bundles": [
                "/infra/cabundles/default_trusted_public_ca_bundle"
            ],
            "crls": [
                "/infra/crls/nsx_default_public_crl"
            ],
            "idle_connection_timeout": 5400,
            "_system_owned": false,
            "_protection": "NOT_PROTECTED",
            "_create_user": "admin",
            "_create_time": 1622225641015,
            "_last_modified_user": "admin",
            "_last_modified_time": 1622225641015,
            "_revision": 0
        }
2 - External Profile High Fidelity Sample intent path: /infra/tls-inspection-action-profiles/external-high-fidelity-profile Sample intent path: 
        {
            "tls_config_setting": "HIGH_FIDELITY",
            "resource_type": "TlsInspectionExternalProfile",
            "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
            "proxy_untrusted_ca_cert": "/infra/certificates/caCert2"
        }
Profile with default settings: 
        {
            "tls_config_setting": "HIGH_FIDELITY",
            "invalid_cert_action": "ALLOW",
            "decryption_fail_action": "BYPASS",
            "crypto_enforcement": "TRANSPARENT",
            "client_min_tls_version": "",
            "client_max_tls_version": "",
            "server_min_tls_version": "",
            "server_max_tls_version": "",
            "client_cipher_suite": [],
            "server_cipher_suite": [],
            "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
            "proxy_untrusted_ca_cert": "/infra/certificates/caCert2",
            "ocsp_must_staple": false,
            "resource_type": "TlsInspectionExternalProfile",
            "id": "external-high-fidelity-profile",
            "display_name": "external-high-fidelity-profile",
            "path": "/infra/tls-inspection-action-profiles/external-high-fidelity-profile",
            "relative_path": "external-high-fidelity-profile",
            "parent_path": "/infra",
            "unique_id": "bb6c8604-c8eb-44dd-aded-7407e0ca887c",
            "marked_for_delete": false,
            "overridden": false,
            "trusted_ca_bundles": [
                "/infra/cabundles/default_trusted_public_ca_bundle"
            ],
            "crls": [
                "/infra/crls/nsx_default_public_crl"
            ],
            "idle_connection_timeout": 5400,
            "_system_owned": false,
            "_protection": "NOT_PROTECTED",
            "_create_user": "admin",
            "_create_time": 1622225537386,
            "_last_modified_user": "admin",
            "_last_modified_time": 1622225537386,
            "_revision": 0
        }
3 - External Profile High Security Sample intent path:/infra/tls-inspection-action-profiles/external-high-security-profile Sample intent path: 
        {
            "tls_config_setting": "HIGH_SECURITY",
            "resource_type": "TlsInspectionExternalProfile",
            "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
            "proxy_untrusted_ca_cert": "/infra/certificates/caCert2"
        }
Profile with default settings: 
        {
           "tls_config_setting": "HIGH_SECURITY",
           "invalid_cert_action": "BLOCK",
           "decryption_fail_action": "BLOCK",
           "crypto_enforcement": "ENFORCE",
           "client_min_tls_version": "TLS_V1_2",
           "client_max_tls_version": "TLS_V1_2",
           "server_min_tls_version": "TLS_V1_2",
           "server_max_tls_version": "TLS_V1_2",
           "client_cipher_suite": [
               "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
               "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
           ],
           "server_cipher_suite": [
               "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
               "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
           ],
           "proxy_trusted_ca_cert": "/infra/certificates/caCert1",
           "proxy_untrusted_ca_cert": "/infra/certificates/caCert2",
           "ocsp_must_staple": false,
           "resource_type": "TlsInspectionExternalProfile",
           "id": "external-high-security-profile",
           "display_name": "external-high-security-profile",
           "path": "/infra/tls-inspection-action-profiles/external-high-security-profile",
           "relative_path": "external-high-security-profile",
           "parent_path": "/infra",
           "unique_id": "e19cbc40-c679-4f32-9e40-aa5eedf7f254",
           "marked_for_delete": false,
           "overridden": false,
           "trusted_ca_bundles": [
               "/infra/cabundles/default_trusted_public_ca_bundle"
           ],
           "crls": [
               "/infra/crls/nsx_default_public_crl"
           ],
           "idle_connection_timeout": 5400,
           "_system_owned": false,
           "_protection": "NOT_PROTECTED",
           "_create_user": "admin",
           "_create_time": 1622141786963,
           "_last_modified_user": "admin",
           "_last_modified_time": 1622225387352,
           "_revision": 4
        }
4 - Internal Profile Balanced Sample intent path:/infra/tls-inspection-action-profiles/internal-balanced-profile Sample intent path: 
        {
            "tls_config_setting": "BALANCED",
            "resource_type": "TlsInspectionInternalProfile",
            "server_certs_key": ["/infra/certificates/server-cert-1"],
            "default_cert_key": "/infra/certificates/server-cert-1"
        }
Profile with default settings: 
        {
            "tls_config_setting": "BALANCED",
            "decryption_fail_action": "BYPASS",
            "crypto_enforcement": "ENFORCE",
            "client_min_tls_version": "TLS_V1_1",
            "client_max_tls_version": "TLS_V1_2",
            "server_min_tls_version": "TLS_V1_1",
            "server_max_tls_version": "TLS_V1_2",
            "client_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
                "TLS_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_RSA_WITH_AES_256_CBC_SHA256"
            ],
            "server_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
                "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
                "TLS_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_RSA_WITH_AES_128_CBC_SHA256",
                "TLS_RSA_WITH_AES_256_GCM_SHA384",
                "TLS_RSA_WITH_AES_256_CBC_SHA256"
            ],
            "server_certs_key": [
                "/infra/certificates/server-cert-1"
            ],
            "default_cert_key": "/infra/certificates/server-cert-1",
            "ocsp_must_staple": false,
            "certificate_validation": false,
            "resource_type": "TlsInspectionInternalProfile",
            "id": "internal-balanced-profile",
            "display_name": "internal-balanced-profile",
            "path": "/infra/tls-inspection-action-profiles/internal-balanced-profile",
            "relative_path": "internal-balanced-profile",
            "parent_path": "/infra",
            "unique_id": "b8486763-843a-4894-8dfd-5bceebb10cd3",
            "marked_for_delete": false,
            "overridden": false,
            "trusted_ca_bundles": [
                "/infra/cabundles/default_trusted_public_ca_bundle"
            ],
            "crls": [
                "/infra/crls/nsx_default_public_crl"
            ],
            "idle_connection_timeout": 5400,
            "_system_owned": false,
            "_protection": "NOT_PROTECTED",
            "_create_user": "admin",
            "_create_time": 1622071598527,
            "_last_modified_user": "admin",
            "_last_modified_time": 1622071598527,
            "_revision": 0
        }
5 - Internal Profile High Fidelity Sample intent path:/infra/tls-inspection-action-profiles/internal-high-fidelity-profile Sample intent path: 
        {
            "tls_config_setting": "HIGH_FIDELITY",
            "resource_type": "TlsInspectionInternalProfile",
            "server_certs_key": ["/infra/certificates/server-cert-1"],
            "default_cert_key": "/infra/certificates/server-cert-1"
        }
Profile with default settings: 
        {
            "tls_config_setting": "HIGH_FIDELITY",
            "decryption_fail_action": "BYPASS",
            "crypto_enforcement": "TRANSPARENT",
            "client_min_tls_version": "",
            "client_max_tls_version": "",
            "server_min_tls_version": "",
            "server_max_tls_version": "",
            "client_cipher_suite": [],
            "server_cipher_suite": [],
            "server_certs_key": [
                "/infra/certificates/server-cert-1"
            ],
            "default_cert_key": "/infra/certificates/server-cert-1",
            "ocsp_must_staple": false,
            "certificate_validation": false,
            "resource_type": "TlsInspectionInternalProfile",
            "id": "internal-high-fidelity-profile",
            "display_name": "internal-high-fidelity-profile",
            "path": "/infra/tls-inspection-action-profiles/internal-high-fidelity-profile",
            "relative_path": "internal-high-fidelity-profile",
            "parent_path": "/infra",
            "unique_id": "27609d17-e642-4a7a-b414-176b3f7eca8d",
            "marked_for_delete": false,
            "overridden": false,
            "trusted_ca_bundles": [
                "/infra/cabundles/default_trusted_public_ca_bundle"
            ],
            "crls": [
                "/infra/crls/nsx_default_public_crl"
            ],
            "idle_connection_timeout": 5400,
            "_system_owned": false,
            "_protection": "NOT_PROTECTED",
            "_create_user": "admin",
            "_create_time": 1622071452299,
            "_last_modified_user": "admin",
            "_last_modified_time": 1622071452299,
            "_revision": 0
        }
6 - Internal Profile High Security Sample intent path:/infra/tls-inspection-action-profiles/internal-high-security-profile Sample intent path: 
        {
            "tls_config_setting": "HIGH_SECURITY",
            "resource_type": "TlsInspectionInternalProfile",
            "server_certs_key": ["/infra/certificates/server-cert-1"],
            "default_cert_key": "/infra/certificates/server-cert-1"
        }
Profile with default settings: 
        {
            "tls_config_setting": "HIGH_SECURITY",
            "decryption_fail_action": "BLOCK",
            "crypto_enforcement": "ENFORCE",
            "client_min_tls_version": "TLS_V1_2",
            "client_max_tls_version": "TLS_V1_2",
            "server_min_tls_version": "TLS_V1_2",
            "server_max_tls_version": "TLS_V1_2",
            "client_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
            ],
            "server_cipher_suite": [
                "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
            ],
            "server_certs_key": [
                "/infra/certificates/server-cert-1"
            ],
            "default_cert_key": "/infra/certificates/server-cert-1",
            "ocsp_must_staple": false,
            "certificate_validation": false,
            "resource_type": "TlsInspectionInternalProfile",
            "id": "internal-high-security-profile",
            "display_name": "internal-high-security-profile",
            "path": "/infra/tls-inspection-action-profiles/internal-high-security-profile",
            "relative_path": "internal-high-security-profile",
            "parent_path": "/infra",
            "unique_id": "52e3e7e8-718d-4eaf-a177-501f196c421a",
            "marked_for_delete": false,
            "overridden": false,
            "trusted_ca_bundles": [
                "/infra/cabundles/default_trusted_public_ca_bundle"
            ],
            "crls": [
                "/infra/crls/nsx_default_public_crl"
            ],
            "idle_connection_timeout": 5400,
            "_system_owned": false,
            "_protection": "NOT_PROTECTED",
            "_create_user": "admin",
            "_create_time": 1622071359539,
            "_last_modified_user": "admin",
            "_last_modified_time": 1622071359539,
            "_revision": 0
        }
operationId: CreateOrUpdateTlsProfile parameters: - in: path name: action-profile-id required: true type: string - in: body name: TlsProfile required: true schema: $ref: '#/definitions/TlsProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update a Tls profile. tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Profiles x-vmw-nsx-module: PolicyTlsActionProfile /infra/tls-inspection-policies: get: consumes: - application/json description: |- List all TLS policies. operationId: ListTlsPolicies parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - default: false description: Include the count of rules in policy in: query name: include_rule_count required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsPolicyListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List TLS policies tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Rules x-vmw-nsx-module: PolicyTlsPolicy /infra/tls-inspection-policies/{policy-id}: delete: consumes: - application/json description: |- Delete TlsPolicy operationId: DeleteTlsPolicy parameters: - description: |- Firewall TLS inspection poicy id in: path name: policy-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete TlsPolicy tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Rules x-vmw-nsx-module: PolicyTlsPolicy get: consumes: - application/json description: | Read TLS policy. operationId: ReadTlsPolicy parameters: - description: |- Firewall TLS inspection poicy id in: path name: policy-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read tls policy tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Rules x-vmw-nsx-module: PolicyTlsPolicy patch: consumes: - application/json description: | Update the TLS policy. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a TLS policy use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. operationId: PatchTlsPolicy parameters: - description: |- Firewall TLS inspection poicy id in: path name: policy-id required: true type: string - in: body name: TlsPolicy required: true schema: $ref: '#/definitions/TlsPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update TLS policy tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Rules x-vmw-nsx-module: PolicyTlsPolicy put: consumes: - application/json description: | Update the TLS policy. This is a full replace. All the rules are replaced. Performance Note: If you want to edit several rules in a TLS policy, use this API. It will perform better than several individual rule APIs. Just pass all the rules which you wish to edit as embedded rules to it. operationId: CreateOrReplaceTlsPolicy parameters: - description: |- Firewall TLS inspection poicy id in: path name: policy-id required: true type: string - in: body name: TlsPolicy required: true schema: $ref: '#/definitions/TlsPolicy' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsPolicy' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update TLS policy tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Rules x-vmw-nsx-module: PolicyTlsPolicy /infra/tls-inspection-policies/{policy-id}/rules: get: consumes: - application/json description: |- List TLS rules operationId: ListTlsRules parameters: - in: path name: policy-id required: true type: string - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsRuleListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List TLS rules tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Rules x-vmw-nsx-module: PolicyTlsPolicy /infra/tls-inspection-policies/{policy-id}/rules/{rule-id}: delete: consumes: - application/json description: |- Delete rule operationId: DeleteTlsRule parameters: - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete rule tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Rules x-vmw-nsx-module: PolicyTlsPolicy get: consumes: - application/json description: |- Read rule operationId: ReadTlsRule parameters: - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read rule tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Rules x-vmw-nsx-module: PolicyTlsPolicy patch: consumes: - application/json description: | Update the TLS rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you want to edit several rules in a TLS policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/tls-inspection-policies/<policy-id> operationId: PatchTlsRule parameters: - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: TlsRule required: true schema: $ref: '#/definitions/TlsRule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update TLS rule tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Rules x-vmw-nsx-module: PolicyTlsPolicy put: consumes: - application/json description: | Update the TLS rule. Create new rule if a rule with the rule-id is not already present. Performance Note: If you want to edit several rules in a TLS policy, prefer below mentioned API for optimal performance. Pass all the rules which you wish to edit as embedded rules to it. Use this API - PATCH (or PUT) /infra/tls-inspection-policies/<policy-id> operationId: CreateOrReplaceTlsRule parameters: - in: path name: policy-id required: true type: string - in: path name: rule-id required: true type: string - in: body name: TlsRule required: true schema: $ref: '#/definitions/TlsRule' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TlsRule' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update TLS rule tags: - Policy - Security - North South Security - Gateway Firewall - Tls Inspection - Tls Rules x-vmw-nsx-module: PolicyTlsPolicy /infra/traceflows: get: consumes: - application/json description: | Paginated list of all TraceflowConfig for infra. operationId: ListTraceflowConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TraceflowConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List TraceflowConfig for infra tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity /infra/traceflows/{traceflow-id}: delete: consumes: - application/json description: |- Delete traceflow config with id traceflow-id operationId: DeleteTraceflowConfig parameters: - in: path name: traceflow-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete traceflow config tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Read traceflow config with id traceflow-id. This configuration will be cleaned up by the system after two hours of inactivity. operationId: ReadTraceflowConfig parameters: - in: path name: traceflow-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TraceflowConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read traceflow config tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | If a traceflow config with the traceflow-id is not already present, create a new traceflow config. If it already exists, update the traceflow config. This is a full replace. This configuration will be cleaned up by the system after two hours of inactivity. operationId: PatchTraceflowConfig parameters: - in: path name: traceflow-id required: true type: string - in: body name: TraceflowConfig required: true schema: $ref: '#/definitions/TraceflowConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a traceflow config tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity post: consumes: - application/json description: | This will retrace even if current traceflow has observations. Current observations will be lost. Traceflow configuration will be cleaned up by the system after two hours of inactivity. operationId: RestartTraceflow parameters: - in: path name: traceflow-id required: true type: string - description: Action to be performed in: query name: action type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TraceflowConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Restart traceflow with same set of parameters used during create/update traceflow tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | If a traceflow config with the traceflow-id is not already present, create a new traceflow config. If it already exists, update the traceflow config. This is a full replace. This configuration will be cleaned up by the system after two hours of inactivity. operationId: UpdateTraceflowConfig parameters: - in: path name: traceflow-id required: true type: string - in: body name: TraceflowConfig required: true schema: $ref: '#/definitions/TraceflowConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TraceflowConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or update a traceflow config tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity /infra/traceflows/{traceflow-id}/observations: get: consumes: - application/json description: |- Read traceflow observations for id traceflow-id. Traceflow configuration will be cleaned up by the system after two hours of inactivity. operationId: ListTraceflowObservations parameters: - in: path name: traceflow-id required: true type: string - description: Enforcement point path in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TraceflowObservationListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read traceflow observations tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity /infra/traceflows/{traceflow-id}/status: get: consumes: - application/json description: | Read traceflow status with id traceflow-id. Traceflow configuration will be cleaned up by the system after two hours of inactivity. operationId: ReadTraceflowStatus parameters: - in: path name: traceflow-id required: true type: string - description: Enforcement point path in: query name: enforcement_point_path type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/Traceflow' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read traceflow status tags: - Policy - Monitoring - Traceflow x-vmw-nsx-module: PolicyConnectivity /infra/transport-zone-profiles: get: consumes: - application/json description: | API will list all Policy Transport Zone Profiles. operationId: GetPolicyTransportZoneProfiles parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZoneProfileListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Policy Transport Zone Profiles tags: - Policy - Networking - Networking Profiles - Transport Zone Profiles x-vmw-nsx-module: PolicyTransportZoneProfile /infra/transport-zone-profiles/{tz-profile-id}: delete: consumes: - application/json description: | API will delete Policy Transport Zone Profile. operationId: DeletePolicyTransportZoneProfile parameters: - in: path name: tz-profile-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Policy Transport Zone Profile tags: - Policy - Networking - Networking Profiles - Transport Zone Profiles x-vmw-nsx-module: PolicyTransportZoneProfile get: consumes: - application/json description: | API will fetch Policy Transport Zone Profile. operationId: GetPolicyTransportZoneProfile parameters: - in: path name: tz-profile-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZoneProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get Policy Transport Zone Profile tags: - Policy - Networking - Networking Profiles - Transport Zone Profiles x-vmw-nsx-module: PolicyTransportZoneProfile patch: consumes: - application/json description: | API will create Policy Transport Zone Profile. operationId: PatchPolicyTransportZoneProfile parameters: - in: path name: tz-profile-id required: true type: string - in: body name: PolicyTransportZoneProfile required: true schema: $ref: '#/definitions/PolicyTransportZoneProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZoneProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create Policy Transport Zone Profile tags: - Policy - Networking - Networking Profiles - Transport Zone Profiles x-vmw-nsx-module: PolicyTransportZoneProfile put: consumes: - application/json description: | API will update Policy Transport Zone Profile. operationId: CreateOrUpdatePolicyTransportZoneProfile parameters: - in: path name: tz-profile-id required: true type: string - in: body name: PolicyTransportZoneProfile required: true schema: $ref: '#/definitions/PolicyTransportZoneProfile' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyTransportZoneProfile' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Policy Transport Zone Profile tags: - Policy - Networking - Networking Profiles - Transport Zone Profiles x-vmw-nsx-module: PolicyTransportZoneProfile /infra/url-categories: get: consumes: - application/json description: | Gets the list of categories. This will provide all the supported categories along with their ids. Few examples of these categories are Shopping, Social Networks, Streaming sites, etc. operationId: ListPolicyUrlCategories parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyUrlCategoryListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of URL categories. tags: - Policy - Security - North South Security - Gateway Firewall - Url Categorization x-vmw-nsx-module: PolicyUrlCategorization /infra/url-reputation-severities: get: consumes: - application/json description: | Gets the list of reputation severities. This will provide all the supported severities along with their ids, min and max reputaitons. The min_reputation and max_reputation specify the range of the reputations which belong to a particular severity. For instance, any reputation between 1 to 20 belongs to the severity 'High Risk'. Similary a reputation between 81 to 100 belong to the severity 'Trustworthy'. operationId: ListPolicyUrlReputationSeverities parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyUrlReputationSeverityListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the list of reputation severity tags: - Policy - Security - North South Security - Gateway Firewall - Url Categorization x-vmw-nsx-module: PolicyUrlCategorization /infra/virtual-machine-group-associations: get: consumes: - application/json description: | Get policy groups for which the given VM is a member. operationId: GetGroupsForVM parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Virtual machine external ID in: query name: vm_external_id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get groups for which the given VM is a member tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/virtual-network-interface-group-associations: get: consumes: - application/json description: | Get policy groups for which the given VIF is a member. operationId: GetGroupsForVIF parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: String Path of the enforcement point in: query name: enforcement_point_path required: false type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Virtual network interface external ID in: query name: vif_external_id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PolicyResourceReferenceForEPListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get groups for which the given VIF is a member tags: - Policy - Inventory - Groups - Group Members x-vmw-nsx-module: PolicyGroupRealization /infra/vni-pools: get: consumes: - application/json description: | List all Vni Pool configuration. operationId: ListVniPoolConfig parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - default: false description: Include objects that are marked for deletion in results in: query name: include_mark_for_delete_objects required: false type: boolean - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VniPoolConfigListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- List Vni Pool Configuration tags: - Policy - Networking - Networking Profiles - EVPN VNI Pools x-vmw-nsx-module: PolicyConnectivity /infra/vni-pools/{vni-pool-id}: delete: consumes: - application/json description: |- Delete Vni Pool Configuration. operationId: DeleteVniPoolConfig parameters: - description: |- vni pool id in: path name: vni-pool-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Vni Pool Configuration tags: - Policy - Networking - Networking Profiles - EVPN VNI Pools x-vmw-nsx-module: PolicyConnectivity get: consumes: - application/json description: | Read Vni Pool Configuration. operationId: ReadVniPoolConfig parameters: - description: |- vni pool id in: path name: vni-pool-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VniPoolConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Read Vni Pool Configuration tags: - Policy - Networking - Networking Profiles - EVPN VNI Pools x-vmw-nsx-module: PolicyConnectivity patch: consumes: - application/json description: | Create a Vni Pool config if it is not already present, otherwise update the Vni Pool configuration. operationId: PatchVniPoolConfig parameters: - description: |- vni pool id in: path name: vni-pool-id required: true type: string - in: body name: VniPoolConfig required: true schema: $ref: '#/definitions/VniPoolConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update Vni Pool Configuration tags: - Policy - Networking - Networking Profiles - EVPN VNI Pools x-vmw-nsx-module: PolicyConnectivity put: consumes: - application/json description: | Create or update VniPool configuration. operationId: CreateOrUpdateVniPoolConfig parameters: - description: |- vni pool id in: path name: vni-pool-id required: true type: string - in: body name: VniPoolConfig required: true schema: $ref: '#/definitions/VniPoolConfig' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/VniPoolConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Create or Update Vni Pool Configuration tags: - Policy - Networking - Networking Profiles - EVPN VNI Pools x-vmw-nsx-module: PolicyConnectivity /observability/flow-details: get: consumes: - application/json description: | Provides federation monitoring information, which includes all config flows originating from the site where API is invoked. operationId: GetFlowDetails parameters: - description: Policy path of the Site object in: query name: site_path required: false type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/MonitoringInfo' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get monitoring info tags: - Federation - Observability x-vmw-nsx-module: FederationObservability /search/dsl: get: consumes: - application/json description: |- DSL (Domain Specific Language) search API operationId: DslSearch parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Search query in: query name: query required: true type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SearchResponse' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- DSL (Domain Specific Language) search API tags: - Search - Search API x-vmw-nsx-module: Search /search/query: get: consumes: - application/json description: |- Full text search API operationId: QuerySearch parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Search query in: query name: query required: true type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/SearchResponse' '400': description: Bad Request '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Full text search API tags: - Search - Search API x-vmw-nsx-module: Search /system-config/nsx-partial-patch-config: get: consumes: - application/json description: | Get Configuration values for nsx-partial-patch. By default partial patch is disabled (i.e false). operationId: GetPartialPatchConfiguration produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/PartialPatchConfig' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Fetch the policy partial patch configuration value. tags: - System Administration - Configuration - NSX Partial Patch x-vmw-nsx-module: PolicySystemConfig patch: consumes: - application/json description: | Update partial patch configuration values. Only boolean value is allowed for enable_partial_patch operationId: updatePartialPatchConfig parameters: - in: body name: PartialPatchConfig required: true schema: $ref: '#/definitions/PartialPatchConfig' responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Saves the configuration for policy partial patch tags: - System Administration - Configuration - NSX Partial Patch x-vmw-nsx-module: PolicySystemConfig /system/input/login-logout-events: post: consumes: - application/json description: | API to receive User Login and Logout events for IDFW operationId: PostLoginLogoutEvents parameters: - in: body name: LoginLogoutEventCollection required: true schema: $ref: '#/definitions/LoginLogoutEventCollection' responses: '202': description: Accepted '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Post User Login/Logout events for IDFW tags: - Policy - Security - East West Security - Distributed Firewall - Settings - Identity Firewall Settings x-vmw-nsx-module: PolicyIdfwLoginLogoutEvents /tasks: get: consumes: - application/json description: |- Get information about all tasks operationId: ListTasks parameters: - description: Opaque cursor to be used for getting next page of records (supplied by current result page) in: query name: cursor type: string - description: Comma separated list of fields that should be included in query result in: query name: included_fields type: string - default: 1000 description: Maximum number of results to return in this page (server may return fewer) format: int64 in: query maximum: 1000 minimum: 0 name: page_size type: integer - description: Request URI(s) to include in query result in: query name: request_uri type: string - in: query name: sort_ascending type: boolean - description: Field by which records are sorted in: query name: sort_by type: string - description: Status(es) to include in query result in: query name: status type: string - description: Names of users to include in query result in: query name: user type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TaskListResult' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get information about all tasks tags: - System Administration - Configuration - NSX Managers - API Services - Task Management x-vmw-nsx-module: Tasks /tasks/{task-id}: get: consumes: - application/json description: |- Get information about the specified task operationId: ReadTaskProperties parameters: - description: |- ID of task to read in: path name: task-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/TaskProperties' '303': description: See Other schema: $ref: '#/definitions/TaskProperties' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get information about the specified task tags: - System Administration - Configuration - NSX Managers - API Services - Task Management x-vmw-nsx-module: Tasks /tasks/{task-id}/response: get: consumes: - application/json description: |- Get the response of a task operationId: ReadTaskResult parameters: - description: |- ID of task to read in: path name: task-id required: true type: string produces: - application/json responses: '200': description: OK schema: type: object '303': description: See Other schema: type: object '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the response of a task tags: - System Administration - Configuration - NSX Managers - API Services - Task Management x-vmw-nsx-module: Tasks /ui-views: get: consumes: - application/json description: | If no query params are specified then all the views entitled for the user are returned. The views to which a user is entitled to include the views created by the user and the shared views. operationId: ListViews parameters: - description: The tag for which associated views to be queried. in: query name: tag type: string - description: Ids of the Views in: query maxLength: 8192 name: view_ids type: string - description: Id of widget configuration in: query maxLength: 255 name: widget_id type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/ViewList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns the Views based on query criteria defined in ViewQueryParameters. tags: - System Administration - Monitoring - Dashboards - UI Views x-vmw-nsx-module: NsxDashboard post: consumes: - application/json description: |- Creates a new View. operationId: CreateView parameters: - in: body name: View required: true schema: $ref: '#/definitions/View' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/View' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Creates a new View. tags: - System Administration - Monitoring - Dashboards - UI Views x-vmw-nsx-module: NsxDashboard /ui-views/{view-id}: delete: consumes: - application/json description: |- Delete View operationId: DeletView parameters: - in: path name: view-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete View tags: - System Administration - Monitoring - Dashboards - UI Views x-vmw-nsx-module: NsxDashboard get: consumes: - application/json description: | Returns Information about a specific View. operationId: GetView parameters: - in: path name: view-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/View' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns View Information tags: - System Administration - Monitoring - Dashboards - UI Views x-vmw-nsx-module: NsxDashboard put: consumes: - application/json description: |- Update View operationId: UpdateView parameters: - in: path name: view-id required: true type: string - in: body name: View required: true schema: $ref: '#/definitions/View' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/View' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update View tags: - System Administration - Monitoring - Dashboards - UI Views x-vmw-nsx-module: NsxDashboard /ui-views/{view-id}/widgetconfigurations: get: consumes: - application/json description: | If no query params are specified then all the Widget Configurations of the specified view are returned. operationId: ListWidgetConfigurations parameters: - in: path name: view-id required: true type: string - description: Id of the container in: query maxLength: 255 name: container type: string - description: Ids of the WidgetConfigurations in: query maxLength: 8192 name: widget_ids type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/WidgetConfigurationList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns the Widget Configurations based on query criteria defined in WidgetQueryParameters. tags: - System Administration - Monitoring - Dashboards - Widget Configuration x-vmw-nsx-module: NsxDashboard post: consumes: - application/json description: | Creates a new Widget Configuration and adds it to the specified view. Supported resource_types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration and ContainerConfiguration. Note: Expressions should be given in a single line. If an expression spans multiple lines, then form the expression in a single line. For label-value pairs, expressions are evaluated as follows: a. First, render configurations are evaluated in their order of appearance in the widget config. The 'field' is evaluated at the end. b. Second, when render configuration is provided then the order of evaluation is 1. If expressions provided in 'condition' and 'display value' are well-formed and free of runtime-errors such as 'null pointers' and evaluates to 'true'; Then remaining render configurations are not evaluated, and the current render configuration's 'display value' is taken as the final value. 2. If expression provided in 'condition' of render configuration is false, then next render configuration is evaluated. 3. Finally, 'field' is evaluated only when every render configuration evaluates to false and no error occurs during steps 1 and 2 above. If an error occurs during evaluation of render configuration, then an error message is shown. The display value corresponding to that label is not shown and evaluation of the remaining render configurations continues to collect and show all the error messages (marked with the 'Label' for identification) as 'Error_Messages: {}'. If during evaluation of expressions for any label-value pair an error occurs, then it is marked with error. The errors are shown in the report, along with the label value pairs that are error-free. Important: For elements that take expressions, strings should be provided by escaping them with a back-slash. These elements are - condition, field, tooltip text and render_configuration's display_value. operationId: CreateWidgetConfiguration parameters: - in: path name: view-id required: true type: string - in: body name: WidgetConfiguration required: true schema: $ref: '#/definitions/WidgetConfiguration' produces: - application/json responses: '201': description: Created schema: $ref: '#/definitions/WidgetConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Creates a new Widget Configuration. tags: - System Administration - Monitoring - Dashboards - Widget Configuration x-vmw-nsx-module: NsxDashboard /ui-views/{view-id}/widgetconfigurations/{widgetconfiguration-id}: delete: consumes: - application/json description: | Detaches widget from a given view. If the widget is no longer part of any view, then it will be purged. operationId: DeleteWidgetConfiguration parameters: - in: path name: view-id required: true type: string - in: path name: widgetconfiguration-id required: true type: string responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Delete Widget Configuration tags: - System Administration - Monitoring - Dashboards - Widget Configuration x-vmw-nsx-module: NsxDashboard get: consumes: - application/json description: | Returns Information about a specific Widget Configuration. operationId: GetWidgetConfiguration parameters: - in: path name: view-id required: true type: string - in: path name: widgetconfiguration-id required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/WidgetConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Returns Widget Configuration Information tags: - System Administration - Monitoring - Dashboards - Widget Configuration x-vmw-nsx-module: NsxDashboard put: consumes: - application/json description: | Updates the widget at the given view. If the widget is referenced by other views, then the widget will be updated in all the views that it is part of. operationId: UpdateWidgetConfiguration parameters: - in: path name: view-id required: true type: string - in: path name: widgetconfiguration-id required: true type: string - in: body name: WidgetConfiguration required: true schema: $ref: '#/definitions/WidgetConfiguration' produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/WidgetConfiguration' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': description: Not Found '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update Widget Configuration tags: - System Administration - Monitoring - Dashboards - Widget Configuration x-vmw-nsx-module: NsxDashboard /upgrade/version-whitelist: get: consumes: - application/json description: |- Get whitelist of versions for different components operationId: GetVersionWhitelist produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AcceptableComponentVersionList' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the version whitelist tags: - System Administration - Lifecycle Management - Upgrade - Nodes x-vmw-nsx-module: VersionWhitelist /upgrade/version-whitelist/{component_type}: get: consumes: - application/json description: |- Get whitelist of versions for a component. Component can include HOST, EDGE, CCP, MP operationId: GetVersionWhitelistByComponent parameters: - in: path name: component_type required: true type: string produces: - application/json responses: '200': description: OK schema: $ref: '#/definitions/AcceptableComponentVersion' '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Get the version whitelist for the specified component tags: - System Administration - Lifecycle Management - Upgrade - Nodes x-vmw-nsx-module: VersionWhitelist put: consumes: - application/json description: |- Update the version whitelist for the specified component type (HOST, EDGE, CCP, MP). operationId: UpdateVersionWhitelist parameters: - in: path name: component_type required: true type: string - in: body name: VersionList required: true schema: $ref: '#/definitions/VersionList' produces: - application/json responses: '200': description: OK '400': $ref: '#/responses/BadRequest' '403': $ref: '#/responses/Forbidden' '404': $ref: '#/responses/NotFound' '412': $ref: '#/responses/PreconditionFailed' '500': $ref: '#/responses/InternalServerError' '503': $ref: '#/responses/ServiceUnavailable' summary: |- Update the version whitelist for the specified component type tags: - System Administration - Lifecycle Management - Upgrade - Nodes x-vmw-nsx-module: VersionWhitelist definitions: ALBAlertScriptConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: action_script: description: | User Defined Alert Action Script. Please refer to kb.avinetworks.com for more information. title: |- Action script type: string type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer AlertScriptConfig object title: |- AlertScriptConfig x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAnalyticsPolicy: description: |- Advanced load balancer AnalyticsPolicy object properties: all_headers: default: false description: | Log all headers. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- All headers type: boolean client_insights: default: NO_INSIGHTS description: | Gain insights from sampled client to server HTTP requests and responses. Enum options - NO_INSIGHTS, PASSIVE, ACTIVE. Default value when not specified in API or module is interpreted by ALB Controller as NO_INSIGHTS. enum: - NO_INSIGHTS - PASSIVE - ACTIVE type: string client_insights_sampling: $ref: '#/definitions/ALBClientInsightsSampling' client_log_filters: description: | Placeholder for description of property client_log_filters of obj type AnalyticsPolicy field type str type array. items: $ref: '#/definitions/ALBClientLogFilter' title: |- Client log filters type: array full_client_logs: $ref: '#/definitions/ALBFullClientLogs' metrics_realtime_update: $ref: '#/definitions/ALBMetricsRealTimeUpdate' significant_log_throttle: default: 10 description: | This setting limits the number of significant logs generated per second for this VS on each SE. Default is 10 logs per second. Set it to zero (0) to deactivate throttling. Unit is PER_SECOND. Default value when not specified in API or module is interpreted by ALB Controller as 10. format: int64 title: |- Significant log throttle type: integer udf_log_throttle: default: 10 description: | This setting limits the total number of UDF logs generated per second for this VS on each SE. UDF logs are generated due to the configured client log filters or the rules with logging enabled. Default is 10 logs per second. Set it to zero (0) to deactivate throttling. Unit is PER_SECOND. Default value when not specified in API or module is interpreted by ALB Controller as 10. format: int64 title: |- Udf log throttle type: integer title: |- AnalyticsPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAnalyticsProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: apdex_response_threshold: default: 500 description: | If a client receives an HTTP response in less than the Satisfactory Latency Threshold, the request is considered Satisfied. It is considered Tolerated if it is not Satisfied and less than Tolerated Latency Factor multiplied by the Satisfactory Latency Threshold. Greater than this number and the client's request is considered Frustrated. Allowed values are 1-30000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 500) edition, Essentials(Allowed values- 500) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 500. format: int64 maximum: 30000 minimum: 1 title: |- Apdex response threshold type: integer apdex_response_tolerated_factor: default: 4.0 description: | Client tolerated response latency factor. Client must receive a response within this factor times the satisfactory threshold (apdex_response_threshold) to be considered tolerated. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. title: |- Apdex response tolerated factor type: number apdex_rtt_threshold: default: 250 description: | Satisfactory client to Avi Round Trip Time(RTT). Allowed values are 1-2000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 250) edition, Essentials(Allowed values- 250) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 250. format: int64 maximum: 2000 minimum: 1 title: |- Apdex rtt threshold type: integer apdex_rtt_tolerated_factor: default: 4.0 description: | Tolerated client to Avi Round Trip Time(RTT) factor. It is a multiple of apdex_rtt_tolerated_factor. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. title: |- Apdex rtt tolerated factor type: number apdex_rum_threshold: default: 5000 description: | If a client is able to load a page in less than the Satisfactory Latency Threshold, the PageLoad is considered Satisfied. It is considered tolerated if it is greater than Satisfied but less than the Tolerated Latency multiplied by Satisifed Latency. Greater than this number and the client's request is considered Frustrated. A PageLoad includes the time for DNS lookup, download of all HTTP objects, and page render time. Allowed values are 1-30000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 5000) edition, Essentials(Allowed values- 5000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5000. format: int64 maximum: 30000 minimum: 1 title: |- Apdex rum threshold type: integer apdex_rum_tolerated_factor: default: 4.0 description: | Virtual service threshold factor for tolerated Page Load Time (PLT) as multiple of apdex_rum_threshold. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. title: |- Apdex rum tolerated factor type: number apdex_server_response_threshold: default: 400 description: | A server HTTP response is considered Satisfied if latency is less than the Satisfactory Latency Threshold. The response is considered tolerated when it is greater than Satisfied but less than the Tolerated Latency Factor (STAR) S_Latency. Greater than this number and the server response is considered Frustrated. Allowed values are 1-30000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 400) edition, Essentials(Allowed values- 400) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 400. format: int64 maximum: 30000 minimum: 1 title: |- Apdex server response threshold type: integer apdex_server_response_tolerated_factor: default: 4.0 description: | Server tolerated response latency factor. Servermust response within this factor times the satisfactory threshold (apdex_server_response_threshold) to be considered tolerated. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. title: |- Apdex server response tolerated factor type: number apdex_server_rtt_threshold: default: 125 description: | Satisfactory client to Avi Round Trip Time(RTT). Allowed values are 1-2000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 125) edition, Essentials(Allowed values- 125) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 125. format: int64 maximum: 2000 minimum: 1 title: |- Apdex server rtt threshold type: integer apdex_server_rtt_tolerated_factor: default: 4.0 description: | Tolerated client to Avi Round Trip Time(RTT) factor. It is a multiple of apdex_rtt_tolerated_factor. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. title: |- Apdex server rtt tolerated factor type: number client_log_config: $ref: '#/definitions/ALBClientLogConfiguration' client_log_streaming_config: $ref: '#/definitions/ALBClientLogStreamingConfig' conn_lossy_ooo_threshold: default: 50 description: | A connection between client and Avi is considered lossy when more than this percentage of out of order packets are received. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50. format: int64 maximum: 100 minimum: 1 title: |- Conn lossy ooo threshold type: integer conn_lossy_timeo_rexmt_threshold: default: 20 description: | A connection between client and Avi is considered lossy when more than this percentage of packets are retransmitted due to timeout. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 20) edition, Essentials(Allowed values- 20) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 20. format: int64 maximum: 100 minimum: 1 title: |- Conn lossy timeo rexmt threshold type: integer conn_lossy_total_rexmt_threshold: default: 50 description: | A connection between client and Avi is considered lossy when more than this percentage of packets are retransmitted. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50. format: int64 maximum: 100 minimum: 1 title: |- Conn lossy total rexmt threshold type: integer conn_lossy_zero_win_size_event_threshold: default: 2 description: | A client connection is considered lossy when percentage of times a packet could not be trasmitted due to TCP zero window is above this threshold. Allowed values are 0-100. Unit is PERCENT. Allowed in Basic(Allowed values- 2) edition, Essentials(Allowed values- 2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2. format: int64 maximum: 100 minimum: 0 title: |- Conn lossy zero win size event threshold type: integer conn_server_lossy_ooo_threshold: default: 50 description: | A connection between Avi and server is considered lossy when more than this percentage of out of order packets are received. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50. format: int64 maximum: 100 minimum: 1 title: |- Conn server lossy ooo threshold type: integer conn_server_lossy_timeo_rexmt_threshold: default: 20 description: | A connection between Avi and server is considered lossy when more than this percentage of packets are retransmitted due to timeout. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 20) edition, Essentials(Allowed values- 20) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 20. format: int64 maximum: 100 minimum: 1 title: |- Conn server lossy timeo rexmt threshold type: integer conn_server_lossy_total_rexmt_threshold: default: 50 description: | A connection between Avi and server is considered lossy when more than this percentage of packets are retransmitted. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50. format: int64 maximum: 100 minimum: 1 title: |- Conn server lossy total rexmt threshold type: integer conn_server_lossy_zero_win_size_event_threshold: default: 2 description: | A server connection is considered lossy when percentage of times a packet could not be trasmitted due to TCP zero window is above this threshold. Allowed values are 0-100. Unit is PERCENT. Allowed in Basic(Allowed values- 2) edition, Essentials(Allowed values- 2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2. format: int64 maximum: 100 minimum: 0 title: |- Conn server lossy zero win size event threshold type: integer enable_adaptive_config: default: true description: | Enable adaptive configuration for optimizing resource usage. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable adaptive config type: boolean enable_advanced_analytics: default: false description: | Enables Advanced Analytics features like Anomaly detection. If set to false, anomaly computation (and associated rules/events) for VS, Pool and Server metrics will be deactivated. However, setting it to false reduces cpu and memory requirements for Analytics subsystem. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable advanced analytics type: boolean enable_ondemand_metrics: default: true description: | Virtual Service (VS) metrics are processed only when there is live data traffic on the VS. In case, VS is idle for a period of time as specified by ondemand_metrics_idle_timeout then metrics processing is suspended for that VS. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable ondemand metrics type: boolean enable_se_analytics: default: true description: | Enable node (service engine) level analytics forvs metrics. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable se analytics type: boolean enable_server_analytics: default: true description: | Enables analytics on backend servers. This may be desired in container environment when there are large number of ephemeral servers. Additionally, no healthscore of servers is computed when server analytics is enabled. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable server analytics type: boolean enable_vs_analytics: default: true description: | Enable VirtualService (frontend) Analytics. This flag enables metrics and healthscore for Virtualservice. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable vs analytics type: boolean exclude_client_close_before_request_as_error: default: false description: | Exclude client closed connection before an HTTP request could be completed from being classified as an error. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude client close before request as error type: boolean exclude_dns_policy_drop_as_significant: default: false description: | Exclude dns policy drops from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude dns policy drop as significant type: boolean exclude_gs_down_as_error: default: false description: | Exclude queries to GSLB services that are operationally down from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude gs down as error type: boolean exclude_http_error_codes: description: | List of HTTP status codes to be excluded from being classified as an error. Error connections or responses impacts health score, are included as significant logs, and may be classified as part of a DoS attack. items: format: int64 type: integer title: |- Exclude http error codes type: array exclude_invalid_dns_domain_as_error: default: false description: | Exclude dns queries to domains outside the domains configured in the DNS application profile from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude invalid dns domain as error type: boolean exclude_invalid_dns_query_as_error: default: false description: | Exclude invalid dns queries from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude invalid dns query as error type: boolean exclude_issuer_revoked_ocsp_responses_as_error: default: true description: | Exclude the Issuer-Revoked OCSP Responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Exclude issuer revoked ocsp responses as error type: boolean exclude_no_dns_record_as_error: default: false description: | Exclude queries to domains that did not have configured services/records from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude no dns record as error type: boolean exclude_no_valid_gs_member_as_error: default: false description: | Exclude queries to GSLB services that have no available members from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude no valid gs member as error type: boolean exclude_persistence_change_as_error: default: false description: | Exclude persistence server changed while load balancing' from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude persistence change as error type: boolean exclude_revoked_ocsp_responses_as_error: default: true description: | Exclude the Revoked OCSP certificate status responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Exclude revoked ocsp responses as error type: boolean exclude_server_dns_error_as_error: default: false description: | Exclude server dns error response from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude server dns error as error type: boolean exclude_server_tcp_reset_as_error: default: false description: | Exclude server TCP reset from errors. It is common for applications like MS Exchange. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude server tcp reset as error type: boolean exclude_sip_error_codes: description: | List of SIP status codes to be excluded from being classified as an error. Allowed in Basic edition, Essentials edition, Enterprise edition. items: format: int64 type: integer title: |- Exclude sip error codes type: array exclude_stale_ocsp_responses_as_error: default: true description: | Exclude the Stale OCSP certificate status responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Exclude stale ocsp responses as error type: boolean exclude_syn_retransmit_as_error: default: false description: | Exclude 'server unanswered syns' from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude syn retransmit as error type: boolean exclude_tcp_reset_as_error: default: false description: | Exclude TCP resets by client from the list of potential errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude tcp reset as error type: boolean exclude_unavailable_ocsp_responses_as_error: default: true description: | Exclude the unavailable OCSP Responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Exclude unavailable ocsp responses as error type: boolean exclude_unsupported_dns_query_as_error: default: false description: | Exclude unsupported dns queries from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exclude unsupported dns query as error type: boolean healthscore_max_server_limit: default: 0 description: | Skips health score computation of pool servers when number of servers in a pool is more than this setting. Allowed values are 0-5000. Special values are 0- 'server health score is deactivated'. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Special default for Basic edition is 0, Essentials edition is 0, Enterprise is 20. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 5000 minimum: 0 title: |- Healthscore max server limit type: integer hs_event_throttle_window: default: 1209600 description: | Time window (in secs) within which only unique health change events should occur. Allowed in Basic(Allowed values- 1209600) edition, Essentials(Allowed values- 1209600) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1209600. format: int64 title: |- Hs event throttle window type: integer hs_max_anomaly_penalty: default: 10 description: | Maximum penalty that may be deducted from health score for anomalies. Allowed values are 0-100. Allowed in Basic(Allowed values- 10) edition, Essentials(Allowed values- 10) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10. format: int64 maximum: 100 minimum: 0 title: |- Hs max anomaly penalty type: integer hs_max_resources_penalty: default: 25 description: | Maximum penalty that may be deducted from health score for high resource utilization. Allowed values are 0-100. Allowed in Basic(Allowed values- 25) edition, Essentials(Allowed values- 25) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 25. format: int64 maximum: 100 minimum: 0 title: |- Hs max resources penalty type: integer hs_max_security_penalty: default: 100 description: | Maximum penalty that may be deducted from health score based on security assessment. Allowed values are 0-100. Allowed in Basic(Allowed values- 100) edition, Essentials(Allowed values- 100) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 100. format: int64 maximum: 100 minimum: 0 title: |- Hs max security penalty type: integer hs_min_dos_rate: default: 1000 description: | DoS connection rate below which the DoS security assessment will not kick in. Allowed in Basic(Allowed values- 1000) edition, Essentials(Allowed values- 1000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1000. format: int64 title: |- Hs min dos rate type: integer hs_performance_boost: default: 0 description: | Adds free performance score credits to health score. It can be used for compensating health score for known slow applications. Allowed values are 0-100. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 100 minimum: 0 title: |- Hs performance boost type: integer hs_pscore_traffic_threshold_l4_client: default: 10.0 description: | Threshold number of connections in 5min, below which apdexr, apdexc, rum_apdex, and other network quality metrics are not computed. Allowed in Basic(Allowed values- 10) edition, Essentials(Allowed values- 10) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10.0. title: |- Hs pscore traffic threshold l4 client type: number hs_pscore_traffic_threshold_l4_server: default: 10.0 description: | Threshold number of connections in 5min, below which apdexr, apdexc, rum_apdex, and other network quality metrics are not computed. Allowed in Basic(Allowed values- 10) edition, Essentials(Allowed values- 10) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10.0. title: |- Hs pscore traffic threshold l4 server type: number hs_security_certscore_expired: default: 0.0 description: | Score assigned when the certificate has expired. Allowed values are 0-5. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0. title: |- Hs security certscore expired type: number hs_security_certscore_gt30d: default: 5.0 description: | Score assigned when the certificate expires in more than 30 days. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0. title: |- Hs security certscore gt30d type: number hs_security_certscore_le07d: default: 2.0 description: | Score assigned when the certificate expires in less than or equal to 7 days. Allowed values are 0-5. Allowed in Basic(Allowed values- 2.0) edition, Essentials(Allowed values- 2.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2.0. title: |- Hs security certscore le07d type: number hs_security_certscore_le30d: default: 4.0 description: | Score assigned when the certificate expires in less than or equal to 30 days. Allowed values are 0-5. Allowed in Basic(Allowed values- 4.0) edition, Essentials(Allowed values- 4.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0. title: |- Hs security certscore le30d type: number hs_security_chain_invalidity_penalty: default: 1.0 description: | Penalty for allowing certificates with invalid chain. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0. title: |- Hs security chain invalidity penalty type: number hs_security_cipherscore_eq000b: default: 0.0 description: | Score assigned when the minimum cipher strength is 0 bits. Allowed values are 0-5. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0. title: |- Hs security cipherscore eq000b type: number hs_security_cipherscore_ge128b: default: 5.0 description: | Score assigned when the minimum cipher strength is greater than equal to 128 bits. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0. title: |- Hs security cipherscore ge128b type: number hs_security_cipherscore_lt128b: default: 3.5 description: | Score assigned when the minimum cipher strength is less than 128 bits. Allowed values are 0-5. Allowed in Basic(Allowed values- 3.5) edition, Essentials(Allowed values- 3.5) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 3.5. title: |- Hs security cipherscore lt128b type: number hs_security_encalgo_score_none: default: 0.0 description: | Score assigned when no algorithm is used for encryption. Allowed values are 0-5. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0. title: |- Hs security encalgo score none type: number hs_security_encalgo_score_rc4: default: 2.5 description: | Score assigned when RC4 algorithm is used for encryption. Allowed values are 0-5. Allowed in Basic(Allowed values- 2.5) edition, Essentials(Allowed values- 2.5) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2.5. title: |- Hs security encalgo score rc4 type: number hs_security_hsts_penalty: default: 1.0 description: | Penalty for not enabling HSTS. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0. title: |- Hs security hsts penalty type: number hs_security_nonpfs_penalty: default: 1.0 description: | Penalty for allowing non-PFS handshakes. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0. title: |- Hs security nonpfs penalty type: number hs_security_ocsp_revoked_score: default: 0.0 description: | Score assigned when OCSP Certificate Status is set to Revoked or Issuer Revoked. Allowed values are 0.0-5.0. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0. title: |- Hs security ocsp revoked score type: number hs_security_selfsignedcert_penalty: default: 1.0 description: | Deprecated. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0. title: |- Hs security selfsignedcert penalty type: number hs_security_ssl30_score: default: 3.5 description: | Score assigned when supporting SSL3.0 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 3.5) edition, Essentials(Allowed values- 3.5) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 3.5. title: |- Hs security ssl30 score type: number hs_security_tls10_score: default: 5.0 description: | Score assigned when supporting TLS1.0 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0. title: |- Hs security tls10 score type: number hs_security_tls11_score: default: 5.0 description: | Score assigned when supporting TLS1.1 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0. title: |- Hs security tls11 score type: number hs_security_tls12_score: default: 5.0 description: | Score assigned when supporting TLS1.2 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0. title: |- Hs security tls12 score type: number hs_security_tls13_score: description: | Score assigned when supporting TLS1.3 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. title: |- Hs security tls13 score type: number hs_security_weak_signature_algo_penalty: default: 1.0 description: | Penalty for allowing weak signature algorithm(s). Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0. title: |- Hs security weak signature algo penalty type: number markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array ondemand_metrics_idle_timeout: default: 1800 description: | This flag sets the time duration of no live data traffic after which Virtual Service metrics processing is suspended. It is applicable only when enable_ondemand_metrics is set to false. Unit is SECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 1800. format: int64 title: |- Ondemand metrics idle timeout type: integer ranges: description: | List of HTTP status code ranges to be excluded from being classified as an error. items: $ref: '#/definitions/ALBHTTPStatusRange' title: |- Ranges type: array resp_code_block: description: | Block of HTTP response codes to be excluded from being classified as an error. Enum options - AP_HTTP_RSP_4XX, AP_HTTP_RSP_5XX. items: description: |- Valid ENUM values for ALBAnalyticsProfileRespCodeBlock enum: - AP_HTTP_RSP_4XX - AP_HTTP_RSP_5XX type: string title: |- Resp code block type: array sensitive_log_profile: $ref: '#/definitions/ALBSensitiveLogProfile' sip_log_depth: default: 20 description: | Maximum number of SIP messages added in logs for a SIP transaction. By default, this value is 20. Allowed values are 1-1000. Allowed in Basic(Allowed values- 20) edition, Essentials(Allowed values- 20) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 20. format: int64 maximum: 1000 minimum: 1 title: |- Sip log depth type: integer type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer AnalyticsProfile object title: |- AnalyticsProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAnalyticsProfileApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of AnalyticsProfile items: $ref: '#/definitions/ALBAnalyticsProfile' title: |- Array of AnalyticsProfile type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | AnalyticsProfileApiResponse title: |- AnalyticsProfileApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAppCookiePersistenceProfile: description: |- Advanced load balancer AppCookiePersistenceProfile object properties: encryption_key: description: |- Key to use for cookie encryption. title: |- Encryption key type: string prst_hdr_name: description: |- Header or cookie name for application cookie persistence. title: |- Prst hdr name type: string timeout: default: 20 description: | The length of time after a client's connections have closed before expiring the client's persistence to a server. Allowed values are 1-720. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 20. format: int64 maximum: 720 minimum: 1 title: |- Timeout type: integer required: - prst_hdr_name title: |- AppCookiePersistenceProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAppLearningConfidenceOverride: description: |- Advanced load balancer AppLearningConfidenceOverride object properties: confid_high_value: default: 9500 description: | Confidence threshold for label CONFIDENCE_HIGH. Default value when not specified in API or module is interpreted by ALB Controller as 9500. format: int64 title: |- Confid high value type: integer confid_low_value: default: 7500 description: | Confidence threshold for label CONFIDENCE_LOW. Default value when not specified in API or module is interpreted by ALB Controller as 7500. format: int64 title: |- Confid low value type: integer confid_probable_value: default: 9000 description: | Confidence threshold for label CONFIDENCE_PROBABLE. Default value when not specified in API or module is interpreted by ALB Controller as 9000. format: int64 title: |- Confid probable value type: integer confid_very_high_value: default: 9999 description: | Confidence threshold for label CONFIDENCE_VERY_HIGH. Default value when not specified in API or module is interpreted by ALB Controller as 9999. format: int64 title: |- Confid very high value type: integer title: |- AppLearningConfidenceOverride type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAppLearningParams: description: |- Advanced load balancer AppLearningParams object properties: enable_per_uri_learning: default: true description: | Learn the params per URI path. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable per uri learning type: boolean max_params: default: 100 description: | Maximum number of params to learn for an application. Allowed values are 10-1000. Default value when not specified in API or module is interpreted by ALB Controller as 100. format: int64 maximum: 1000 minimum: 10 title: |- Max params type: integer max_uris: default: 500 description: | Maximum number of URI paths to learn for an application. Allowed values are 10-10000. Default value when not specified in API or module is interpreted by ALB Controller as 500. format: int64 maximum: 10000 minimum: 10 title: |- Max uris type: integer min_hits_to_learn: default: 10000 description: | Minimum number of occurances required for a Param to qualify for learning. Default value when not specified in API or module is interpreted by ALB Controller as 10000. format: int64 title: |- Min hits to learn type: integer sampling_percent: default: 1 description: | Percent of the requests subjected to Application learning. Allowed values are 1-100. Unit is PERCENT. Default value when not specified in API or module is interpreted by ALB Controller as 1. format: int64 maximum: 100 minimum: 1 title: |- Sampling percent type: integer update_interval: default: 30 description: | Frequency with which SE publishes Application learning data to controller. Allowed values are 1-60. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30. format: int64 maximum: 60 minimum: 1 title: |- Update interval type: integer title: |- AppLearningParams type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBApplicationPersistenceProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: app_cookie_persistence_profile: $ref: '#/definitions/ALBAppCookiePersistenceProfile' hdr_persistence_profile: $ref: '#/definitions/ALBHdrPersistenceProfile' http_cookie_persistence_profile: $ref: '#/definitions/ALBHttpCookiePersistenceProfile' ip_persistence_profile: $ref: '#/definitions/ALBIPPersistenceProfile' is_federated: default: false description: | This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is federated type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array persistence_type: default: PERSISTENCE_TYPE_CLIENT_IP_ADDRESS description: | Method used to persist clients to the same server for a duration of time or a session. Enum options - PERSISTENCE_TYPE_CLIENT_IP_ADDRESS, PERSISTENCE_TYPE_HTTP_COOKIE, PERSISTENCE_TYPE_TLS, PERSISTENCE_TYPE_CLIENT_IPV6_ADDRESS, PERSISTENCE_TYPE_CUSTOM_HTTP_HEADER, PERSISTENCE_TYPE_APP_COOKIE, PERSISTENCE_TYPE_GSLB_SITE. Allowed in Basic(Allowed values- PERSISTENCE_TYPE_CLIENT_IP_ADDRESS,PERSISTENCE_TYPE_HTTP_COOKIE) edition, Essentials(Allowed values- PERSISTENCE_TYPE_CLIENT_IP_ADDRESS,PERSISTENCE_TYPE_HTTP_COOKIE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as PERSISTENCE_TYPE_CLIENT_IP_ADDRESS. enum: - PERSISTENCE_TYPE_CLIENT_IP_ADDRESS - PERSISTENCE_TYPE_HTTP_COOKIE - PERSISTENCE_TYPE_TLS - PERSISTENCE_TYPE_CLIENT_IPV6_ADDRESS - PERSISTENCE_TYPE_CUSTOM_HTTP_HEADER - PERSISTENCE_TYPE_APP_COOKIE - PERSISTENCE_TYPE_GSLB_SITE type: string server_hm_down_recovery: default: HM_DOWN_PICK_NEW_SERVER description: | Specifies behavior when a persistent server has been marked down by a health monitor. Enum options - HM_DOWN_PICK_NEW_SERVER, HM_DOWN_ABORT_CONNECTION, HM_DOWN_CONTINUE_PERSISTENT_SERVER. Allowed in Basic(Allowed values- HM_DOWN_PICK_NEW_SERVER) edition, Essentials(Allowed values- HM_DOWN_PICK_NEW_SERVER) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as HM_DOWN_PICK_NEW_SERVER. enum: - HM_DOWN_PICK_NEW_SERVER - HM_DOWN_ABORT_CONNECTION - HM_DOWN_CONTINUE_PERSISTENT_SERVER type: string required: - persistence_type type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer ApplicationPersistenceProfile object title: |- ApplicationPersistenceProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBApplicationPersistenceProfileApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of ApplicationPersistenceProfile items: $ref: '#/definitions/ALBApplicationPersistenceProfile' title: |- Array of ApplicationPersistenceProfile type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | ApplicationPersistenceProfileApiResponse title: |- ApplicationPersistenceProfileApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBApplicationProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cloud_config_cksum: description: | Checksum of application profiles. Internally set by cloud connector. title: |- Cloud config cksum type: string created_by: description: |- Name of the application profile creator. title: |- Created by type: string dns_service_profile: $ref: '#/definitions/ALBDnsServiceApplicationProfile' dos_rl_profile: $ref: '#/definitions/ALBDosRateLimitProfile' http_profile: $ref: '#/definitions/ALBHTTPApplicationProfile' markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array preserve_client_ip: default: false description: | Specifies if client IP needs to be preserved for backend connection. Not compatible with Connection Multiplexing. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Preserve client ip type: boolean preserve_client_port: default: false description: | Specifies if we need to preserve client port while preserving client IP for backend connections. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Preserve client port type: boolean preserve_dest_ip_port: default: false description: | Specifies if destination IP and port needs to be preserved for backend connection. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Preserve dest ip port type: boolean sip_service_profile: $ref: '#/definitions/ALBSipServiceApplicationProfile' tcp_app_profile: $ref: '#/definitions/ALBTCPApplicationProfile' type: description: | Specifies which application layer proxy is enabled for the virtual service. Enum options - APPLICATION_PROFILE_TYPE_L4, APPLICATION_PROFILE_TYPE_HTTP, APPLICATION_PROFILE_TYPE_SYSLOG, APPLICATION_PROFILE_TYPE_DNS, APPLICATION_PROFILE_TYPE_SSL, APPLICATION_PROFILE_TYPE_SIP. Allowed in Basic(Allowed values- APPLICATION_PROFILE_TYPE_L4,APPLICATION_PROFILE_TYPE_HTTP) edition, Essentials(Allowed values- APPLICATION_PROFILE_TYPE_L4) edition, Enterprise edition. enum: - APPLICATION_PROFILE_TYPE_L4 - APPLICATION_PROFILE_TYPE_HTTP - APPLICATION_PROFILE_TYPE_SYSLOG - APPLICATION_PROFILE_TYPE_DNS - APPLICATION_PROFILE_TYPE_SSL - APPLICATION_PROFILE_TYPE_SIP type: string required: - type type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer ApplicationProfile object title: |- ApplicationProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBApplicationProfileApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of ApplicationProfile items: $ref: '#/definitions/ALBApplicationProfile' title: |- Array of ApplicationProfile type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | ApplicationProfileApiResponse title: |- ApplicationProfileApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAttackMitigationAction: description: |- Advanced load balancer AttackMitigationAction object properties: deny: default: true description: | Deny the attack packets further processing and drop them. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Deny type: boolean title: |- AttackMitigationAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthAttributeMatch: description: |- Advanced load balancer AuthAttributeMatch object properties: attribute_name: description: | Attribute name whose values will be looked up in the access lists. title: |- Attribute name type: string attribute_value_list: $ref: '#/definitions/ALBStringMatch' required: - attribute_value_list - attribute_name title: |- AuthAttributeMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: http: $ref: '#/definitions/ALBAuthProfileHTTPClientParams' ldap: $ref: '#/definitions/ALBLdapAuthSettings' markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array saml: $ref: '#/definitions/ALBSamlSettings' tacacs_plus: $ref: '#/definitions/ALBTacacsPlusAuthSettings' type: description: | Type of the Auth Profile. Enum options - AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML, AUTH_PROFILE_PINGACCESS, AUTH_PROFILE_JWT. enum: - AUTH_PROFILE_LDAP - AUTH_PROFILE_TACACS_PLUS - AUTH_PROFILE_SAML - AUTH_PROFILE_PINGACCESS - AUTH_PROFILE_JWT type: string required: - type type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer AuthProfile object title: |- AuthProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthProfileApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of AuthProfile items: $ref: '#/definitions/ALBAuthProfile' title: |- Array of AuthProfile type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | AuthProfileApiResponse title: |- AuthProfileApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthProfileHTTPClientParams: description: |- Advanced load balancer AuthProfileHTTPClientParams object properties: cache_expiration_time: default: 5 description: | The max allowed length of time a clients authentication is cached. Allowed values are 1-30. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 5. format: int64 maximum: 30 minimum: 1 title: |- Cache expiration time type: integer request_header: description: | Insert an HTTP header. This field is used to define the header name. The value of the header is set to the client's HTTP Auth user ID. title: |- Request header type: string require_user_groups: description: | A user should be a member of these groups. Each group is defined by the DN. For example, CN=testgroup,OU=groups,dc=example,dc=avinetworks,DC=com. items: type: string title: |- Require user groups type: array title: |- AuthProfileHTTPClientParams type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthTacacsPlusAttributeValuePair: description: |- Advanced load balancer AuthTacacsPlusAttributeValuePair object properties: mandatory: description: |- mandatory. title: |- Mandatory type: boolean name: description: |- attribute name. title: |- Name type: string value: description: |- attribute value. title: |- Value type: string title: |- AuthTacacsPlusAttributeValuePair type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthToken: description: |- ALB Auth Token properties: expires_at: description: | Expiry time of the token will be set by LCM at the time of Enforcement Point Creation. title: |- Expiry time of the token type: string hours: description: | Hours to validate the token title: |- hours type: string token: description: |- Token for Avi Controller. title: |- Token for Avi Controller type: string username: description: | controller username. title: |- username type: string required: - username - hours title: |- Auth Token type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthenticationAction: description: |- Advanced load balancer AuthenticationAction object properties: type: default: USE_DEFAULT_AUTHENTICATION description: | Authentication Action to be taken for a matched Rule. Enum options - SKIP_AUTHENTICATION, USE_DEFAULT_AUTHENTICATION. Default value when not specified in API or module is interpreted by ALB Controller as USE_DEFAULT_AUTHENTICATION. enum: - SKIP_AUTHENTICATION - USE_DEFAULT_AUTHENTICATION type: string title: |- AuthenticationAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthenticationMatch: description: |- Advanced load balancer AuthenticationMatch object properties: client_ip: $ref: '#/definitions/ALBIpAddrMatch' host_hdr: $ref: '#/definitions/ALBHostHdrMatch' path: $ref: '#/definitions/ALBPathMatch' title: |- AuthenticationMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthenticationPolicy: description: |- Advanced load balancer AuthenticationPolicy object properties: authn_rules: description: |- Add rules to apply auth profile to specific targets. items: $ref: '#/definitions/ALBAuthenticationRule' title: |- Authn rules type: array default_auth_profile_path: description: | Auth Profile to use for validating users. It is a reference to an object of type AuthProfile. title: |- Default auth profile path type: string required: - default_auth_profile_path title: |- AuthenticationPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthenticationRule: description: |- Advanced load balancer AuthenticationRule object properties: action: $ref: '#/definitions/ALBAuthenticationAction' enable: default: true description: | Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean index: description: |- Index of the rule. format: int64 title: |- Index type: integer match: $ref: '#/definitions/ALBAuthenticationMatch' name: description: |- Name of the rule. title: |- Name type: string required: - index - name title: |- AuthenticationRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthorizationAction: description: |- Advanced load balancer AuthorizationAction object properties: status_code: description: | HTTP status code to use for local response when an policy rule is matched. Enum options - HTTP_RESPONSE_STATUS_CODE_401, HTTP_RESPONSE_STATUS_CODE_403. enum: - HTTP_RESPONSE_STATUS_CODE_401 - HTTP_RESPONSE_STATUS_CODE_403 type: string type: default: ALLOW_ACCESS description: | Defines the action taken when an authorization policy rule is matched. By default, access is allowed to the requested resource. Enum options - ALLOW_ACCESS, CLOSE_CONNECTION, HTTP_LOCAL_RESPONSE. Default value when not specified in API or module is interpreted by ALB Controller as ALLOW_ACCESS. enum: - ALLOW_ACCESS - CLOSE_CONNECTION - HTTP_LOCAL_RESPONSE type: string title: |- AuthorizationAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthorizationMatch: description: |- Advanced load balancer AuthorizationMatch object properties: attr_matches: description: | Attributes whose values need to be matched. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBAuthAttributeMatch' title: |- Attr matches type: array host_hdr: $ref: '#/definitions/ALBHostHdrMatch' method: $ref: '#/definitions/ALBMethodMatch' path: $ref: '#/definitions/ALBPathMatch' title: |- AuthorizationMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthorizationPolicy: description: |- Advanced load balancer AuthorizationPolicy object properties: authz_rules: description: |- Authorization Policy Rules. items: $ref: '#/definitions/ALBAuthorizationRule' title: |- Authz rules type: array title: |- AuthorizationPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAuthorizationRule: description: |- Advanced load balancer AuthorizationRule object properties: action: $ref: '#/definitions/ALBAuthorizationAction' enable: default: true description: | Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean index: description: |- Index of the Authorization Policy rule. format: int64 title: |- Index type: integer match: $ref: '#/definitions/ALBAuthorizationMatch' name: description: |- Name of the rule. title: |- Name type: string required: - action - index - name - match title: |- AuthorizationRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAutoScaleLaunchConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: image_id: description: | Unique ID of the Amazon Machine Image (AMI) or OpenStack VM ID. title: |- Image id type: string markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array mesos: $ref: '#/definitions/ALBAutoScaleMesosSettings' openstack: $ref: '#/definitions/ALBAutoScaleOpenStackSettings' use_external_asg: default: true description: | If set to True, ServerAutoscalePolicy will use the autoscaling group (external_autoscaling_groups) from Pool to perform scale up and scale down. Pool should have single autoscaling group configured. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Use external asg type: boolean type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer AutoScaleLaunchConfig object title: |- AutoScaleLaunchConfig x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAutoScaleLaunchConfigApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of AutoScaleLaunchConfig items: $ref: '#/definitions/ALBAutoScaleLaunchConfig' title: |- Array of AutoScaleLaunchConfig type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | AutoScaleLaunchConfigApiResponse title: |- AutoScaleLaunchConfigApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAutoScaleMesosSettings: description: |- Advanced load balancer AutoScaleMesosSettings object properties: force: default: true description: | Apply scaleout even when there are deployments inprogress. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Force type: boolean title: |- AutoScaleMesosSettings type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBAutoScaleOpenStackSettings: description: |- Advanced load balancer AutoScaleOpenStackSettings object properties: heat_scale_down_url: description: | Avi Controller will use this URL to scale downthe pool. Cloud connector will automatically update the membership. This is an alpha feature. title: |- Heat scale down url type: string heat_scale_up_url: description: | Avi Controller will use this URL to scale upthe pool. Cloud connector will automatically update the membership. This is an alpha feature. title: |- Heat scale up url type: string title: |- AutoScaleOpenStackSettings type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBCRL: description: |- Advanced load balancer CRL object properties: body: description: | Certificate Revocation list from a given issuer in PEM format. This can either be configured directly or via the server_url. title: |- Body type: string common_name: description: | Common name of the issuer in the Certificate Revocation list. title: |- Common name type: string distinguished_name: description: | Distinguished name of the issuer in the Certificate Revocation list. title: |- Distinguished name type: string etag: description: |- Cached etag to optimize the download of the CRL. title: |- Etag type: string fingerprint: description: | Fingerprint of the CRL. Used to avoid configuring duplicates. title: |- Fingerprint type: string last_refreshed: description: | Last time CRL was refreshed by the system. This is an internal field used by the system. title: |- Last refreshed type: string last_update: description: |- The date when this CRL was last issued. title: |- Last update type: string next_update: description: | The date when a newer CRL will be available. Also conveys the date after which the CRL should be considered obsolete. title: |- Next update type: string server_url: description: | URL of a server that issues the Certificate Revocation list. If this is configured, CRL will be periodically downloaded either based on the configured update interval or the next update interval in the CRL. CRL itself is stored in the body. title: |- Server url type: string text: description: |- Certificate Revocation list in plain text for readability. title: |- Text type: string update_interval: description: | Interval in minutes to check for CRL update. If not specified, interval will be 1 day. Allowed values are 30-525600. Unit is MIN. format: int64 maximum: 525600 minimum: 30 title: |- Update interval type: integer title: |- CRL type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBCertificateAuthority: description: |- Advanced load balancer CertificateAuthority object properties: ca_path: description: | It is a reference to an object of type SSLKeyAndCertificate. title: |- Ca path type: string name: description: |- Name of the object. title: |- Name type: string title: |- CertificateAuthority type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBCertificateManagementProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array script_params: description: | Placeholder for description of property script_params of obj type CertificateManagementProfile field type str type array. items: $ref: '#/definitions/ALBCustomParams' title: |- Script params type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer CertificateManagementProfile object title: |- CertificateManagementProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBClientInsightsSampling: description: |- Advanced load balancer ClientInsightsSampling object properties: client_ip: $ref: '#/definitions/ALBIpAddrMatch' sample_uris: $ref: '#/definitions/ALBStringMatch' skip_uris: $ref: '#/definitions/ALBStringMatch' title: |- ClientInsightsSampling type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBClientLogConfiguration: description: |- Advanced load balancer ClientLogConfiguration object properties: enable_significant_log_collection: default: false description: | Enable significant log collection. By default, this flag is enabled, which means that Avi SEs collect significant logs and forward them to Controller for further processing. For example, these logs correspond to error conditions such as when the response code for a request is 500. Users can deactivate this flag to turn off default significant log collection. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable significant log collection type: boolean filtered_log_processing: default: LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND description: | Filtered logs are logs that match any client log filters or rules with logging enabled. Such logs are processed by the Logs Analytics system according to this setting. Enum options - LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND. enum: - LOGS_PROCESSING_NONE - LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND - LOGS_PROCESSING_AUTO_SYNC_AND_INDEX - LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND type: string non_significant_log_processing: default: LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND description: | Logs that are neither significant nor filtered, are processed by the Logs Analytics system according to this setting. Enum options - LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND. enum: - LOGS_PROCESSING_NONE - LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND - LOGS_PROCESSING_AUTO_SYNC_AND_INDEX - LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND type: string significant_log_processing: default: LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND description: | Significant logs are processed by the Logs Analytics system according to this setting. Enum options - LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND. enum: - LOGS_PROCESSING_NONE - LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND - LOGS_PROCESSING_AUTO_SYNC_AND_INDEX - LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND type: string title: |- ClientLogConfiguration type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBClientLogFilter: description: |- Advanced load balancer ClientLogFilter object properties: all_headers: default: false description: | Placeholder for description of property all_headers of obj type ClientLogFilter field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- All headers type: boolean client_ip: $ref: '#/definitions/ALBIpAddrMatch' duration: default: 30 description: | Special values are 0 - 'infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30. format: int64 title: |- Duration type: integer enabled: default: false description: | Placeholder for description of property enabled of obj type ClientLogFilter field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enabled type: boolean index: description: |- Number of index. format: int64 title: |- Index type: integer name: description: |- Name of the object. title: |- Name type: string uri: $ref: '#/definitions/ALBStringMatch' required: - index - enabled - name title: |- ClientLogFilter type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBClientLogStreamingConfig: description: |- Advanced load balancer ClientLogStreamingConfig object properties: external_server: description: | IP address or hostnames (FQDNs) of destination servers. If an FQDN is provided, this should be resolvable on Avi Service Engines. Multiple servers are supported by furnishing a comma-separated list of IP addresses or host names, for example, 11.11.11.11,23.12.12.4. Optionally, a separate port can be specified for each external server in the list, for example, 11.11.11.11 234,12.12.12.12 343. title: |- External server type: string external_server_port: default: 514 description: | The service port to use for the external servers. If multiple external servers have been specified, the single port number specified here will apply to all those servers for which an explicit port number has not been specified in the external server list. Default value when not specified in API or module is interpreted by ALB Controller as 514. format: int64 title: |- External server port type: integer format_config: $ref: '#/definitions/ALBClientLogStreamingFormat' log_types_to_send: default: LOGS_ALL description: | Type of logs to stream to the external server. Default is LOGS_ALL, i.e., send all logs. Enum options - LOGS_SIGNIFICANT_ONLY, LOGS_UDF_ONLY, LOGS_UDF_SIGNIFICANT, LOGS_ALL. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_ALL. enum: - LOGS_SIGNIFICANT_ONLY - LOGS_UDF_ONLY - LOGS_UDF_SIGNIFICANT - LOGS_ALL type: string max_logs_per_second: default: 100 description: | Maximum number of logs per second streamed to the remote server. By default, 100 logs per second are streamed. Set this to zero(0) to not enforce any limit. Default value when not specified in API or module is interpreted by ALB Controller as 100. format: int64 title: |- Max logs per second type: integer protocol: default: LOG_STREAMING_PROTOCOL_UDP description: | Protocol to use for streaming logs. Enum options - LOG_STREAMING_PROTOCOL_UDP, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_UDP, LOG_STREAMING_PROTOCOL_TCP, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TCP, LOG_STREAMING_PROTOCOL_RAW_OVER_UDP, LOG_STREAMING_PROTOCOL_TLS, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TLS. Default value when not specified in API or module is interpreted by ALB Controller as LOG_STREAMING_PROTOCOL_UDP. enum: - LOG_STREAMING_PROTOCOL_UDP - LOG_STREAMING_PROTOCOL_SYSLOG_OVER_UDP - LOG_STREAMING_PROTOCOL_TCP - LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TCP - LOG_STREAMING_PROTOCOL_RAW_OVER_UDP - LOG_STREAMING_PROTOCOL_TLS - LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TLS type: string syslog_config: $ref: '#/definitions/ALBStreamingSyslogConfig' required: - external_server title: |- ClientLogStreamingConfig type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBClientLogStreamingFormat: description: |- Advanced load balancer ClientLogStreamingFormat object properties: format: description: | Format for the streamed logs. Enum options - LOG_STREAMING_FORMAT_JSON_FULL, LOG_STREAMING_FORMAT_JSON_SELECTED. enum: - LOG_STREAMING_FORMAT_JSON_FULL - LOG_STREAMING_FORMAT_JSON_SELECTED type: string included_fields: description: | List of log fields to be streamed, when selective fields (LOG_STREAMING_FORMAT_JSON_SELECTED) option is chosen. Only top-level fields in application or connection logs are supported. items: type: string title: |- Included fields type: array required: - format title: |- ClientLogStreamingFormat type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBCloneServer: description: |- Advanced load balancer CloneServer object properties: ip_address: $ref: '#/definitions/ALBIpAddr' mac: description: |- MAC Address of the Clone Server. title: |- Mac type: string network_name: description: | Network to clone the traffic to. It is a reference to an object of type Network. title: |- Network name type: string subnet: $ref: '#/definitions/ALBIpAddrPrefix' title: |- CloneServer type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBCompressionFilter: description: |- Advanced load balancer CompressionFilter object properties: devices_path: description: |- It is a reference to an object of type StringGroup. title: |- Devices path type: string index: description: |- Number of index. format: int64 title: |- Index type: integer ip_addr_prefixes: description: | Placeholder for description of property ip_addr_prefixes of obj type CompressionFilter field type str type array. items: $ref: '#/definitions/ALBIpAddrPrefix' title: |- Ip addr prefixes type: array ip_addr_ranges: description: | Placeholder for description of property ip_addr_ranges of obj type CompressionFilter field type str type array. items: $ref: '#/definitions/ALBIpAddrRange' title: |- Ip addr ranges type: array ip_addrs: description: | Placeholder for description of property ip_addrs of obj type CompressionFilter field type str type array. items: $ref: '#/definitions/ALBIpAddr' title: |- Ip addrs type: array ip_addrs_path: description: |- It is a reference to an object of type IpAddrGroup. title: |- Ip addrs path type: string level: default: NORMAL_COMPRESSION description: | Enum options - AGGRESSIVE_COMPRESSION, NORMAL_COMPRESSION, NO_COMPRESSION. Default value when not specified in API or module is interpreted by ALB Controller as NORMAL_COMPRESSION. enum: - AGGRESSIVE_COMPRESSION - NORMAL_COMPRESSION - NO_COMPRESSION type: string match: default: IS_IN description: | Whether to apply Filter when group criteria is matched or not. Enum options - IS_IN, IS_NOT_IN. Default value when not specified in API or module is interpreted by ALB Controller as IS_IN. enum: - IS_IN - IS_NOT_IN type: string name: description: |- Name of the object. title: |- Name type: string user_agent: description: | Placeholder for description of property user_agent of obj type CompressionFilter field type str type array. items: type: string title: |- User agent type: array required: - index - name - level title: |- CompressionFilter type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBCompressionProfile: description: |- Advanced load balancer CompressionProfile object properties: compressible_content_path: description: | Compress only content types listed in this string group. Content types not present in this list are not compressed. It is a reference to an object of type StringGroup. title: |- Compressible content path type: string compression: default: false description: | Compress HTTP response content if it wasn't already compressed. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Compression type: boolean filter: description: |- Custom filters used when auto compression is not selected. items: $ref: '#/definitions/ALBCompressionFilter' title: |- Filter type: array remove_accept_encoding_header: default: true description: | Offload compression from the servers to AVI. Saves compute cycles on the servers. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Remove accept encoding header type: boolean type: default: AUTO_COMPRESSION description: | Compress content automatically or add custom filters to define compressible content and compression levels. Enum options - AUTO_COMPRESSION, CUSTOM_COMPRESSION. Default value when not specified in API or module is interpreted by ALB Controller as AUTO_COMPRESSION. enum: - AUTO_COMPRESSION - CUSTOM_COMPRESSION type: string required: - type - compression - remove_accept_encoding_header title: |- CompressionProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBConnPoolProperties: description: |- Advanced load balancer ConnPoolProperties object properties: upstream_connpool_conn_idle_tmo: default: 60000 description: | Connection idle timeout. Allowed in Basic(Allowed values- 60000) edition, Essentials(Allowed values- 60000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 60000. format: int64 title: |- Upstream connpool conn idle tmo type: integer upstream_connpool_conn_life_tmo: default: 600000 description: | Connection life timeout. Allowed in Basic(Allowed values- 600000) edition, Essentials(Allowed values- 600000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 600000. format: int64 title: |- Upstream connpool conn life tmo type: integer upstream_connpool_conn_max_reuse: default: 0 description: | Maximum number of times a connection can be reused. Special values are 0- 'unlimited'. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Upstream connpool conn max reuse type: integer upstream_connpool_server_max_cache: default: 0 description: | Maximum number of connections a server can cache. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Upstream connpool server max cache type: integer title: |- ConnPoolProperties type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBContentRewriteProfile: description: |- Advanced load balancer ContentRewriteProfile object properties: response_rewrite_enabled: default: false description: | Enable rewrite on response body. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Response rewrite enabled type: boolean rewritable_content_path: description: | Rewrite only content types listed in this string group. Content types not present in this list are not rewritten. It is a reference to an object of type StringGroup. title: |- Rewritable content path type: string rsp_match_replace_pair: description: | Strings to be matched and replaced with on the response body. This should be configured when response_rewrite_enabled is set to true. items: $ref: '#/definitions/ALBMatchReplacePair' title: |- Rsp match replace pair type: array title: |- ContentRewriteProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBControllerClusterInfo: description: |- Advanced Load Balancer controller cluster information about nodes in the cluster and cluster information. properties: cluster_name: description: |- Advanced Load Balancer controller cluster name. readOnly: true title: |- Advanced Load Balancer controller cluster name type: string cluster_state: description: |- Advanced Load Balancer controller cluster state. readOnly: true title: |- Advanced Load Balancer controller cluster state type: string cluster_uuid: description: | ID of the Cluster maintained internally. Note: This is automatically generated and cannot be modified. readOnly: true title: |- ID of the cluster used to recognize it type: string error: $ref: '#/definitions/AlbControllerClusterRuntimeError' nodes: description: |- Advanced Load Balancer controller node information items: $ref: '#/definitions/ALBControllerNodeInfo' title: |- Advanced Load Balancer controller node information type: array reason: description: |- Advanced Load Balancer cluster state not STABLE reason. readOnly: true title: |- Advanced Load Balancer cluster state not STABLE reason. type: string version: description: |- Advanced Load Balancer controller cluster version. readOnly: true title: |- Advanced Load Balancer controller cluster version type: string virtual_ip: description: | Advanced Load Balancer controller cluster virtual_ip. format: ip readOnly: true type: string title: |- Advanced Load Balancer controller cluster info type: object x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerClusterTrigger: description: |- Advanced Load Balancer controller node clustering trigger response. properties: status: description: | Advanced Load Balancer controller node clustering trigger status. readOnly: true title: |- Advanced Load Balancer controller node clustering trigger status type: string title: |- Advanced Load Balancer controller node clustering trigger response type: object x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerConfiguration: description: |- Alb Controller config details properties: cluster_ip: description: | The cluster IP of the Advanced Load Balancer controller node cluster. This is mandatory parameter and required for single node controller deployments as well. format: ip readOnly: false type: string dns_servers: description: | List of DNS servers. items: description: |- IPv4 address format: ipv4 type: string title: |- DNS servers. type: array infra_admin_password: description: | Password for the controller node admin user. For deployment, this property is required. The password specified must be at least 8 characters in length. title: |- Advanced Load Balancer controller admin password type: string infra_admin_username: description: |- Username for server authentication. title: |- Username type: string ntp_servers: description: | List of NTP servers. items: description: |- Hostname or IPv4 address format: hostname-or-ipv4 type: string title: |- NTP servers. type: array owned_by: description: |- The policy initiates workflow by LCM/VCF enum: - LCM - VCF title: |- owned_by type: string required: - cluster_ip - owned_by title: |- ALBControllerConfiguration type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBControllerNodeFormFactor: description: |- Advanced Load Balancer node form factor. properties: disk: description: |- Disk size of the Advanced Load Balancer controller node in Bytes. format: int64 readOnly: true title: |- Disk size of the Advanced Load Balancer controller node in Bytes type: integer memory: description: |- Memory size of the Advanced Load Balancer controller node in Bytes. format: int64 readOnly: true title: |- Memory size of the Advanced Load Balancer controller node in Bytes type: integer type: description: | Advanced Load Balancer controller node form factor type. enum: - SMALL - MEDIUM - LARGE readOnly: true type: string vcpu: description: |- Number of virtual cpus on the Advanced Load Balancer controller node. format: int64 readOnly: true title: |- Number of virtual cpus on the Advanced Load Balancer controller node type: integer title: |- Advanced Load Balancer controller node form factor type: object x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerNodeFormFactors: description: |- Advanced Load Balancer controller form factors list result properties: form_factors: description: |- Advanced Load Balancer controller form factor list items: $ref: '#/definitions/ALBControllerNodeFormFactor' title: |- Advanced Load Balancer controller form factor list type: array title: |- Advanced Load Balancer controller form factors list result type: object x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerNodeInfo: description: |- Advanced Load Balancer controller node information like node IP and node name. properties: is_dhcp: description: |- Advanced Load Balancer controller node IP configuration is static or DHCP. readOnly: true title: |- Is DHCP based IP assignment type: boolean node_ip: description: | Advanced Load Balancer controller node IP. format: ip readOnly: true type: string node_name: description: |- Advanced Load Balancer controller node name. readOnly: true title: |- Advanced Load Balancer controller node name type: string node_role: description: |- Advanced Load Balancer controller node role in cluster. readOnly: true title: |- Advanced Load Balancer controller node role type: string node_start_time: description: |- Advanced Load Balancer controller node start time in its local timezone. format: int64 readOnly: true type: integer node_state: description: |- Advanced Load Balancer controller node current state in the cluster. readOnly: true title: |- Advanced Load Balancer controller node state type: string vm_id: description: | ID of the VM maintained internally. Note: This is automatically generated and cannot be modified. readOnly: true title: |- ID of VM used to recognize it type: string title: |- Information for Advanced Load Balancer controller nodes type: object x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerNodeUserSettings: properties: admin_password: description: | Password for the controller node admin user. For deployment, this property is required. The password specified must be at least 8 characters in length. title: |- Advanced Load Balancer controller admin password type: string admin_ssh_key: description: | To configure ssh into the Advanced Load Balancer controller, this property is required. title: |- Admin User SSH key type: string type: object x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerNodeVMClusterConfig: allOf: - $ref: '#/definitions/ManagedResource' - properties: cluster_ip: description: | The cluster IP of the Advanced Load Balancer controller node cluster. This is mandatory parameter and required for single node controller deployments as well. format: ip readOnly: false type: string cluster_name: description: | The cluster name of the Advanced Load Balancer controller node cluster. readOnly: false title: |- Cluster name of Advanced Load Balancer controller cluster type: string cluster_uuid: description: | ID of the Cluster maintained internally. This is different from cluster_uuid internal to Advanced Load Balancer controller. Note: This is automatically generated and cannot be modified. readOnly: true title: |- ID of the Advanced Load Balancer controller cluster used to recognize it type: string required: - cluster_ip type: object x-vmw-nsx-module: PolicyALBControllerDeployment description: | Contains the cluster configuration for a Advanced Load Balancer controller node VM cluster. title: |- Info for Advanced Load Balancer controller node cluster configuration x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerNodeVMDeploymentConfig: description: |- Contains info used to configure the VM on deployment. discriminator: placement_type properties: placement_type: description: | Specifies the config for the platform through which to deploy the VM. enum: - AlbControllerVsphereClusterNodeVmDeploymentConfig title: |- Type of deployment type: string required: - placement_type title: |- Configuration for deploying Advanced Load Balancer controller node VM type: object x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerNodeVMDeploymentProgressState: description: |- Deployment progress state of Advanced Load Balancer controller VM. This Object contains name of current deployment step and overall progress percentage. properties: current_step_title: description: |- Name of the current running step of deployment readOnly: true title: |- Name of the current step type: string progress: description: |- Overall progress percentage of deployment completed format: int64 readOnly: true title: |- Progress percentage type: integer title: |- Deployment progress of Advanced Load Balancer controller VM type: object x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerNodeVMDeploymentRequest: allOf: - $ref: '#/definitions/ManagedResource' - properties: deployment_config: $ref: '#/definitions/ALBControllerNodeVMDeploymentConfig' form_factor: default: MEDIUM description: | Specifies the desired "size" of the VM enum: - SMALL - MEDIUM - LARGE type: string user_settings: $ref: '#/definitions/ALBControllerNodeUserSettings' vm_id: description: | ID of the VM maintained internally. Note: This is automatically generated and cannot be modified. readOnly: true title: |- ID of Advanced Load Balancer controller VM used to recognize it type: string required: - deployment_config type: object x-vmw-nsx-module: PolicyALBControllerDeployment description: | Contains the deployment information for a Advanced Load Balancer controller node VM. title: |- Info for Advanced Load Balancer controller node deployment request x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerNodeVMDeploymentRequestList: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: | Array of existing Advanced Load Balancer Controller Deployment Requests. items: $ref: '#/definitions/ALBControllerNodeVMDeploymentRequest' title: |- Results type: array required: - results type: object x-vmw-nsx-module: PolicyALBControllerDeployment description: |- List of Advanced Load Balancer Controller Deployment Requests. title: |- ALBControllerNodeVMDeploymentRequest list x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerNodeVMDeploymentStatusReport: description: | Contains up-to-date information relating to an auto-deployed VM, including its status and (potentially) an error message. properties: deployment_progress_state: $ref: '#/definitions/ALBControllerNodeVMDeploymentProgressState' failure_code: description: | In case of auto-deployment-related failure, the code for the error will be stored here. format: int64 title: |- Error code for failure type: integer failure_message: description: | In case of auto-deployment-related failure, an error message will be stored here. title: |- Error message for failure type: string status: description: | Status of the addition or deletion of an auto-deployed Advanced Load Balancer controller node VM. enum: - NOT_AVAILABLE - VM_DEPLOYMENT_QUEUED - VM_DEPLOYMENT_IN_PROGRESS - VM_DEPLOYMENT_FAILED - VM_POWER_ON_IN_PROGRESS - VM_POWER_ON_FAILED - VM_POWER_ON_SUCCESSFUL - VM_REGISTRATION_IN_PROGRESS - VM_REGISTRATION_SUCCESSFUL - VM_REGISTRATION_FAILED - VM_WAITING_TO_COME_ONLINE - VM_ONLINE_FAILED - VM_CONFIGURATION_IN_PROGRESS - VM_CONFIGURATION_SUCCESSFUL - VM_CONFIGURATION_FAILED - VM_CLUSTERING_QUEUED - VM_CLUSTERING_IN_PROGRESS - VM_CLUSTERING_SUCCESSFUL - VM_CLUSTERING_FAILED - VM_POWER_OFF_IN_PROGRESS - VM_POWER_OFF_FAILED - WAITING_TO_UNDEPLOY_VM - VM_UNDEPLOY_IN_PROGRESS - VM_UNDEPLOY_FAILED - VM_UNDEPLOY_SUCCESSFUL - UNKNOWN_STATE title: |- Auto-deployed VM's deployment status type: string required: - status title: |- Report of a VM's deployment status type: object x-vmw-nsx-module: PolicyALBControllerDeployment ALBControllerVersion: description: |- ALB Controller Version properties: alb_api_version: description: | It is ALB API version supported by NSX-ALB. title: |- Alb API Version type: string alb_controller_version: description: | It is ALB Controller version deployed by NSX-ALB. title: |- Alb Controller Version type: string title: |- ALBControllerVersion type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBCookieMatch: description: |- Advanced load balancer CookieMatch object properties: match_case: default: INSENSITIVE description: | Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. enum: - SENSITIVE - INSENSITIVE type: string match_criteria: description: | Criterion to use for matching the cookie in the HTTP request. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. enum: - HDR_EXISTS - HDR_DOES_NOT_EXIST - HDR_BEGINS_WITH - HDR_DOES_NOT_BEGIN_WITH - HDR_CONTAINS - HDR_DOES_NOT_CONTAIN - HDR_ENDS_WITH - HDR_DOES_NOT_END_WITH - HDR_EQUALS - HDR_DOES_NOT_EQUAL type: string name: description: |- Name of the cookie. title: |- Name type: string value: description: |- String value in the cookie. title: |- Value type: string required: - name - match_criteria title: |- CookieMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBCustomParams: description: |- Advanced load balancer CustomParams object properties: is_dynamic: default: false description: | Placeholder for description of property is_dynamic of obj type CustomParams field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is dynamic type: boolean is_sensitive: default: false description: | Placeholder for description of property is_sensitive of obj type CustomParams field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is sensitive type: boolean name: description: |- Name of the object. title: |- Name type: string value: description: |- value of CustomParams. title: |- Value type: string required: - name title: |- CustomParams type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDiscoveredNetwork: description: |- Advanced load balancer DiscoveredNetwork object properties: network_name: description: | Discovered network for this IP. It is a reference to an object of type Network. title: |- Network name type: string subnet: description: |- Discovered subnet for this IP. items: $ref: '#/definitions/ALBIpAddrPrefix' title: |- Subnet type: array subnet6: description: |- Discovered IPv6 subnet for this IP. items: $ref: '#/definitions/ALBIpAddrPrefix' title: |- Subnet6 type: array required: - network_name title: |- DiscoveredNetwork type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsAAAARdata: description: |- Advanced load balancer DnsAAAARdata object properties: ip6_address: $ref: '#/definitions/ALBIpAddr' required: - ip6_address title: |- DnsAAAARdata type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsARdata: description: |- Advanced load balancer DnsARdata object properties: ip_address: $ref: '#/definitions/ALBIpAddr' required: - ip_address title: |- DnsARdata type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsAttack: description: |- Advanced load balancer DnsAttack object properties: attack_vector: description: | The DNS attack vector. Enum options - DNS_REFLECTION, DNS_NXDOMAIN, DNS_AMPLIFICATION_EGRESS. enum: - DNS_REFLECTION - DNS_NXDOMAIN - DNS_AMPLIFICATION_EGRESS type: string enabled: default: true description: | Enable or disable the mitigation of the attack vector. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enabled type: boolean max_mitigation_age: default: 60 description: | Time in minutes after which mitigation will be deactivated. Allowed values are 1-4294967295. Special values are 0- 'blocked for ever'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 60. format: int64 maximum: 4294967295 minimum: 0 title: |- Max mitigation age type: integer mitigation_action: $ref: '#/definitions/ALBAttackMitigationAction' threshold: description: | Threshold, in terms of DNS packet per second, for the DNS attack vector. format: int64 title: |- Threshold type: integer required: - attack_vector title: |- DnsAttack type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsAttacks: description: |- Advanced load balancer DnsAttacks object properties: attacks: description: | Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. items: $ref: '#/definitions/ALBDnsAttack' title: |- Attacks type: array oper_mode: description: | Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Enum options - DETECTION, MITIGATION. enum: - DETECTION - MITIGATION type: string title: |- DnsAttacks type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsClientIpMatch: description: |- Advanced load balancer DnsClientIpMatch object properties: client_ip: $ref: '#/definitions/ALBIpAddrMatch' use_edns_client_subnet_ip: default: true description: | Use the IP address from the EDNS client subnet option, if available, as the source IP address of the client. It should be noted that the edns subnet IP may not be a /32 IP address. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Use edns client subnet ip type: boolean required: - client_ip title: |- DnsClientIpMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsCnameRdata: description: |- Advanced load balancer DnsCnameRdata object properties: cname: description: |- Canonical name. title: |- Cname type: string required: - cname title: |- DnsCnameRdata type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsGeoLocationMatch: description: |- Advanced load balancer DnsGeoLocationMatch object properties: geolocation_name: description: | Geographical location of the client IP to be used in the match. This location is of the format Country/State/City e.g. US/CA/Santa Clara. title: |- Geolocation name type: string geolocation_tag: description: | Geolocation tag for the client IP. This could be any string value for the client IP, e.g. client IPs from US East Coast geolocation would be tagged as 'East Coast'. title: |- Geolocation tag type: string match_criteria: description: | Criterion to use for matching the client IP's geographical location. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string use_edns_client_subnet_ip: default: true description: | Use the IP address from the EDNS client subnet option, if available, to derive geo location of the DNS query. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Use edns client subnet ip type: boolean required: - match_criteria title: |- DnsGeoLocationMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsInfo: description: |- Advanced load balancer DnsInfo object properties: algorithm: default: DNS_RECORD_RESPONSE_CONSISTENT_HASH description: | Specifies the algorithm to pick the IP address(es) to be returned, when multiple entries are configured. This does not apply if num_records_in_response is 0. Default is consistent hash. Enum options - DNS_RECORD_RESPONSE_ROUND_ROBIN, DNS_RECORD_RESPONSE_CONSISTENT_HASH. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_RESPONSE_CONSISTENT_HASH. enum: - DNS_RECORD_RESPONSE_ROUND_ROBIN - DNS_RECORD_RESPONSE_CONSISTENT_HASH type: string cname: $ref: '#/definitions/ALBDnsCnameRdata' fqdn: description: |- Fully qualified domain name. title: |- Fqdn type: string metadata: description: |- Any metadata associated with this record. title: |- Metadata type: string num_records_in_response: description: | Specifies the number of records returned for this FQDN. Enter 0 to return all records. Default is 0. Allowed values are 0-20. Special values are 0- 'Return all records'. format: int64 maximum: 20 minimum: 0 title: |- Num records in response type: integer ttl: description: | Time to live for fqdn record. Default value is chosen from DNS profile for this cloud if no value provided. format: int64 title: |- Ttl type: integer type: default: DNS_RECORD_A description: | DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_A. enum: - DNS_RECORD_OTHER - DNS_RECORD_A - DNS_RECORD_NS - DNS_RECORD_CNAME - DNS_RECORD_SOA - DNS_RECORD_PTR - DNS_RECORD_HINFO - DNS_RECORD_MX - DNS_RECORD_TXT - DNS_RECORD_RP - DNS_RECORD_DNSKEY - DNS_RECORD_AAAA - DNS_RECORD_SRV - DNS_RECORD_OPT - DNS_RECORD_RRSIG - DNS_RECORD_AXFR - DNS_RECORD_ANY type: string title: |- DnsInfo type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsMxRdata: description: |- Advanced load balancer DnsMxRdata object properties: host: description: | Fully qualified domain name of a mailserver. The host name maps directly to one or more address records in the DNS table, and must not point to any CNAME records (RFC 2181). title: |- Host type: string priority: description: | The priority field identifies which mail server should be preferred. Allowed values are 0-65535. format: int64 maximum: 65535 minimum: 0 title: |- Priority type: integer required: - priority - host title: |- DnsMxRdata type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsNsRdata: description: |- Advanced load balancer DnsNsRdata object properties: ip6_address: $ref: '#/definitions/ALBIpAddr' ip_address: $ref: '#/definitions/ALBIpAddr' nsname: description: |- Name Server name. title: |- Nsname type: string required: - nsname title: |- DnsNsRdata type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsPolicies: description: |- Advanced load balancer DnsPolicies object properties: dns_policy_path: description: | path of the dns policy. It is a reference to an object of type DnsPolicy. title: |- Dns policy path type: string index: description: |- Index of the dns policy. format: int64 title: |- Index type: integer required: - index - dns_policy_path title: |- DnsPolicies type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsPolicy: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: created_by: description: |- Creator name. title: |- Created by type: string markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array rule: description: |- DNS rules. items: $ref: '#/definitions/ALBDnsRule' title: |- Rule type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer DnsPolicy object title: |- DnsPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsPolicyApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of DnsPolicy items: $ref: '#/definitions/ALBDnsPolicy' title: |- Array of DnsPolicy type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | DnsPolicyApiResponse title: |- DnsPolicyApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsQueryNameMatch: description: |- Advanced load balancer DnsQueryNameMatch object properties: match_criteria: description: | Criterion to use for string matching the DNS query domain name in the question section. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition. enum: - BEGINS_WITH - DOES_NOT_BEGIN_WITH - CONTAINS - DOES_NOT_CONTAIN - ENDS_WITH - DOES_NOT_END_WITH - EQUALS - DOES_NOT_EQUAL - REGEX_MATCH - REGEX_DOES_NOT_MATCH type: string query_domain_names: description: | Domain name to match against that specified in the question section of the DNS query. items: type: string title: |- Query domain names type: array string_group_paths: description: | path of the string group(s) for matching against DNS query domain name in the question section. It is a reference to an object of type StringGroup. items: type: string title: |- String group paths type: array required: - match_criteria title: |- DnsQueryNameMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsQueryTypeMatch: description: |- Advanced load balancer DnsQueryTypeMatch object properties: match_criteria: description: | Criterion to use for matching the DNS query typein the question section. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string query_type: description: | DNS query types in the request query. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. items: description: |- Valid ENUM values for ALBDnsRecordType enum: - DNS_RECORD_OTHER - DNS_RECORD_A - DNS_RECORD_NS - DNS_RECORD_CNAME - DNS_RECORD_SOA - DNS_RECORD_PTR - DNS_RECORD_HINFO - DNS_RECORD_MX - DNS_RECORD_TXT - DNS_RECORD_RP - DNS_RECORD_DNSKEY - DNS_RECORD_AAAA - DNS_RECORD_SRV - DNS_RECORD_OPT - DNS_RECORD_RRSIG - DNS_RECORD_AXFR - DNS_RECORD_ANY type: string title: |- Query type type: array required: - match_criteria title: |- DnsQueryTypeMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRateLimiter: description: |- Advanced load balancer DnsRateLimiter object properties: action: $ref: '#/definitions/ALBDnsRuleRLAction' rate_limiter_object: $ref: '#/definitions/ALBRateLimiter' required: - action - rate_limiter_object title: |- DnsRateLimiter type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRecord: description: |- Advanced load balancer DnsRecord object properties: algorithm: default: DNS_RECORD_RESPONSE_ROUND_ROBIN description: | Specifies the algorithm to pick the IP address(es) to be returned, when multiple entries are configured. This does not apply if num_records_in_response is 0. Default is round-robin. Enum options - DNS_RECORD_RESPONSE_ROUND_ROBIN, DNS_RECORD_RESPONSE_CONSISTENT_HASH. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_RESPONSE_ROUND_ROBIN. enum: - DNS_RECORD_RESPONSE_ROUND_ROBIN - DNS_RECORD_RESPONSE_CONSISTENT_HASH type: string cname: $ref: '#/definitions/ALBDnsCnameRdata' delegated: default: false description: | Configured FQDNs are delegated domains (i.e. they represent a zone cut). Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Delegated type: boolean description: description: |- Details of DNS record. title: |- Description type: string fqdn: description: | Fully Qualified Domain Name. Minimum of 1 items required. items: type: string title: |- Fqdn type: array ip6_address: description: | IPv6 address in AAAA record. Maximum of 4 items allowed. items: $ref: '#/definitions/ALBDnsAAAARdata' title: |- Ip6 address type: array ip_address: description: | IP address in A record. Maximum of 4 items allowed. items: $ref: '#/definitions/ALBDnsARdata' title: |- Ip address type: array metadata: description: |- Internal metadata for the DNS record. title: |- Metadata type: string mx_records: description: | MX record. Maximum of 4 items allowed. items: $ref: '#/definitions/ALBDnsMxRdata' title: |- Mx records type: array ns: description: | Name Server information in NS record. Maximum of 13 items allowed. items: $ref: '#/definitions/ALBDnsNsRdata' title: |- Ns type: array num_records_in_response: default: 0 description: | Specifies the number of records returned by the DNS service. Enter 0 to return all records. Default is 0. Allowed values are 0-20. Special values are 0- 'Return all records'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 20 minimum: 0 title: |- Num records in response type: integer service_locator: description: | Service locator info in SRV record. Maximum of 4 items allowed. items: $ref: '#/definitions/ALBDnsSrvRdata' title: |- Service locator type: array ttl: description: |- Time To Live for this DNS record. format: int64 title: |- Ttl type: integer txt_records: description: | Text record. Maximum of 4 items allowed. items: $ref: '#/definitions/ALBDnsTxtRdata' title: |- Txt records type: array type: description: | DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. enum: - DNS_RECORD_OTHER - DNS_RECORD_A - DNS_RECORD_NS - DNS_RECORD_CNAME - DNS_RECORD_SOA - DNS_RECORD_PTR - DNS_RECORD_HINFO - DNS_RECORD_MX - DNS_RECORD_TXT - DNS_RECORD_RP - DNS_RECORD_DNSKEY - DNS_RECORD_AAAA - DNS_RECORD_SRV - DNS_RECORD_OPT - DNS_RECORD_RRSIG - DNS_RECORD_AXFR - DNS_RECORD_ANY type: string wildcard_match: default: false description: | Enable wild-card match of fqdn if an exact match is not found in the DNS table, the longest match is chosen by wild-carding the fqdn in the DNS request. Default is false. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Wildcard match type: boolean required: - type - fqdn title: |- DnsRecord type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRrSet: description: |- Advanced load balancer DnsRrSet object properties: cname: $ref: '#/definitions/ALBDnsCnameRdata' fqdn: description: |- Fully Qualified Domain Name. title: |- Fqdn type: string ip6_addresses: description: |- IPv6 address in AAAA record. items: $ref: '#/definitions/ALBDnsAAAARdata' title: |- Ip6 addresses type: array ip_addresses: description: |- IP address in A record. items: $ref: '#/definitions/ALBDnsARdata' title: |- Ip addresses type: array nses: description: |- Name Server information in NS record. items: $ref: '#/definitions/ALBDnsNsRdata' title: |- Nses type: array ttl: description: | Time To Live for this DNS record. Allowed values are 0-2147483647. format: int64 maximum: 2147483647 minimum: 0 title: |- Ttl type: integer type: description: | DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. enum: - DNS_RECORD_OTHER - DNS_RECORD_A - DNS_RECORD_NS - DNS_RECORD_CNAME - DNS_RECORD_SOA - DNS_RECORD_PTR - DNS_RECORD_HINFO - DNS_RECORD_MX - DNS_RECORD_TXT - DNS_RECORD_RP - DNS_RECORD_DNSKEY - DNS_RECORD_AAAA - DNS_RECORD_SRV - DNS_RECORD_OPT - DNS_RECORD_RRSIG - DNS_RECORD_AXFR - DNS_RECORD_ANY type: string required: - type - fqdn - ttl title: |- DnsRrSet type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRule: description: |- Advanced load balancer DnsRule object properties: action: $ref: '#/definitions/ALBDnsRuleAction' enable: default: true description: | Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean index: description: |- Index of the rule. format: int64 title: |- Index type: integer log: description: |- Log DNS query upon rule match. title: |- Log type: boolean match: $ref: '#/definitions/ALBDnsRuleMatchTarget' name: description: |- Name of the rule. title: |- Name type: string required: - index - name title: |- DnsRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRuleAction: description: |- Advanced load balancer DnsRuleAction object properties: allow: $ref: '#/definitions/ALBDnsRuleActionAllowDrop' dns_rate_limiter: $ref: '#/definitions/ALBDnsRateLimiter' gslb_site_selection: $ref: '#/definitions/ALBDnsRuleActionGslbSiteSelection' pool_switching: $ref: '#/definitions/ALBDnsRuleActionPoolSwitching' response: $ref: '#/definitions/ALBDnsRuleActionResponse' title: |- DnsRuleAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRuleActionAllowDrop: description: |- Advanced load balancer DnsRuleActionAllowDrop object properties: allow: default: true description: | Allow the DNS query. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Allow type: boolean reset_conn: default: true description: | Reset the TCP connection of the DNS query, if allow is set to false to drop the query. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Reset conn type: boolean title: |- DnsRuleActionAllowDrop type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRuleActionGslbSiteSelection: description: |- Advanced load balancer DnsRuleActionGslbSiteSelection object properties: fallback_site_names: description: | GSLB fallback sites to use in case the desired site is down. Maximum of 64 items allowed. items: type: string title: |- Fallback site names type: array is_site_preferred: default: true description: | When set to true, GSLB site is a preferred site. This setting comes into play when the site is down, as well as no configured fallback site is available (all fallback sites are also down), then any one available site is selected based on the default algorithm for GSLB pool member selection. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Is site preferred type: boolean site_name: description: |- GSLB site name. title: |- Site name type: string required: - site_name title: |- DnsRuleActionGslbSiteSelection type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRuleActionPoolSwitching: description: |- Advanced load balancer DnsRuleActionPoolSwitching object properties: pool_group_path: description: | Reference of the pool group to serve the passthrough DNS query which cannot be served locally. It is a reference to an object of type PoolGroup. title: |- Pool group path type: string pool_path: description: | Reference of the pool to serve the passthrough DNS query which cannot be served locally. It is a reference to an object of type Pool. title: |- Pool path type: string title: |- DnsRuleActionPoolSwitching type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRuleActionResponse: description: |- Advanced load balancer DnsRuleActionResponse object properties: authoritative: default: true description: | DNS response is authoritative. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Authoritative type: boolean rcode: default: DNS_RCODE_NOERROR description: | DNS response code. Enum options - DNS_RCODE_NOERROR, DNS_RCODE_FORMERR, DNS_RCODE_SERVFAIL, DNS_RCODE_NXDOMAIN, DNS_RCODE_NOTIMP, DNS_RCODE_REFUSED, DNS_RCODE_YXDOMAIN, DNS_RCODE_YXRRSET, DNS_RCODE_NXRRSET, DNS_RCODE_NOTAUTH, DNS_RCODE_NOTZONE. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RCODE_NOERROR. enum: - DNS_RCODE_NOERROR - DNS_RCODE_FORMERR - DNS_RCODE_SERVFAIL - DNS_RCODE_NXDOMAIN - DNS_RCODE_NOTIMP - DNS_RCODE_REFUSED - DNS_RCODE_YXDOMAIN - DNS_RCODE_YXRRSET - DNS_RCODE_NXRRSET - DNS_RCODE_NOTAUTH - DNS_RCODE_NOTZONE type: string resource_record_sets: description: | DNS resource record sets - (resource record set share the DNS domain name, type, and class). items: $ref: '#/definitions/ALBDnsRuleDnsRrSet' title: |- Resource record sets type: array truncation: default: false description: | DNS response is truncated. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Truncation type: boolean title: |- DnsRuleActionResponse type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRuleDnsRrSet: description: |- Advanced load balancer DnsRuleDnsRrSet object properties: resource_record_set: $ref: '#/definitions/ALBDnsRrSet' section: default: DNS_MESSAGE_SECTION_ANSWER description: | DNS message section for the resource record set. Enum options - DNS_MESSAGE_SECTION_QUESTION, DNS_MESSAGE_SECTION_ANSWER, DNS_MESSAGE_SECTION_AUTHORITY, DNS_MESSAGE_SECTION_ADDITIONAL. Default value when not specified in API or module is interpreted by ALB Controller as DNS_MESSAGE_SECTION_ANSWER. enum: - DNS_MESSAGE_SECTION_QUESTION - DNS_MESSAGE_SECTION_ANSWER - DNS_MESSAGE_SECTION_AUTHORITY - DNS_MESSAGE_SECTION_ADDITIONAL type: string required: - resource_record_set title: |- DnsRuleDnsRrSet type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRuleMatchTarget: description: |- Advanced load balancer DnsRuleMatchTarget object properties: client_ip_address: $ref: '#/definitions/ALBDnsClientIpMatch' geo_location: $ref: '#/definitions/ALBDnsGeoLocationMatch' protocol: $ref: '#/definitions/ALBDnsTransportProtocolMatch' query_name: $ref: '#/definitions/ALBDnsQueryNameMatch' query_type: $ref: '#/definitions/ALBDnsQueryTypeMatch' title: |- DnsRuleMatchTarget type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsRuleRLAction: description: |- Advanced load balancer DnsRuleRLAction object properties: type: default: DNS_RL_ACTION_NONE description: | Type of action to be enforced upon hitting the rate limit. Enum options - DNS_RL_ACTION_NONE, DNS_RL_ACTION_DROP_REQ. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RL_ACTION_NONE. enum: - DNS_RL_ACTION_NONE - DNS_RL_ACTION_DROP_REQ type: string title: |- DnsRuleRLAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsServiceApplicationProfile: description: |- Advanced load balancer DnsServiceApplicationProfile object properties: aaaa_empty_response: default: true description: | Respond to AAAA queries with empty response when there are only IPV4 records. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Aaaa empty response type: boolean admin_email: default: hostmaster description: | Email address of the administrator responsible for this zone. This field is used in SOA records (rname) pertaining to all domain names specified as authoritative domain names. If not configured, the default value 'hostmaster' is used in SOA responses. Default value when not specified in API or module is interpreted by ALB Controller as hostmaster. title: |- Admin email type: string dns_over_tcp_enabled: default: true description: | Enable DNS query/response over TCP. This enables analytics for pass-through queries as well. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Dns over tcp enabled type: boolean dns_zones: description: | DNS zones hosted on this Virtual Service. Maximum of 100 items allowed. items: $ref: '#/definitions/ALBDnsZone' title: |- Dns zones type: array domain_names: description: | Subdomain names serviced by this Virtual Service. These are configured as Ends-With semantics. Maximum of 100 items allowed. items: type: string title: |- Domain names type: array ecs_stripping_enabled: default: true description: | Enable stripping of EDNS client subnet (ecs) option towards client if DNS service inserts ecs option in the DNS query towards upstream servers. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Ecs stripping enabled type: boolean edns: default: true description: | Enable DNS service to be aware of EDNS (Extension mechanism for DNS). EDNS extensions are parsed and shown in logs. For GSLB services, the EDNS client subnet option can be used to influence Load Balancing. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Edns type: boolean edns_client_subnet_prefix_len: description: | Specifies the IP address prefix length to use in the EDNS client subnet (ECS) option. When the incoming request does not have any ECS option and the prefix length is specified, an ECS option is inserted in the request passed to upstream server. If the incoming request already has an ECS option, the prefix length (and correspondingly the address) in the ECS option is updated, with the minimum of the prefix length present in the incoming and the configured prefix length, before passing the request to upstream server. Allowed values are 1-32. format: int64 maximum: 32 minimum: 1 title: |- Edns client subnet prefix len type: integer error_response: default: DNS_ERROR_RESPONSE_NONE description: | Drop or respond to client when the DNS service encounters an error processing a client query. By default, such a request is dropped without any response, or passed through to a passthrough pool, if configured. When set to respond, an appropriate response is sent to client, e.g. NXDOMAIN response for non-existent records, empty NOERROR response for unsupported queries, etc. Enum options - DNS_ERROR_RESPONSE_ERROR, DNS_ERROR_RESPONSE_NONE. Default value when not specified in API or module is interpreted by ALB Controller as DNS_ERROR_RESPONSE_NONE. enum: - DNS_ERROR_RESPONSE_ERROR - DNS_ERROR_RESPONSE_NONE type: string name_server: description: | The of the name server that was the original or primary source of data for this zone. This field is used in SOA records (mname) pertaining to all domain names specified as authoritative domain names. If not configured, domain name is used as name server in SOA response. title: |- Name server type: string negative_caching_ttl: default: 30 description: | Specifies the TTL value (in seconds) for SOA (Start of Authority) (corresponding to a authoritative domain owned by this DNS Virtual Service) record's minimum TTL served by the DNS Virtual Service. Allowed values are 0-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 30. format: int64 maximum: 86400 minimum: 0 title: |- Negative caching ttl type: integer num_dns_ip: default: 1 description: | Specifies the number of IP addresses returned by the DNS Service. Enter 0 to return all IP addresses. Allowed values are 1-20. Special values are 0- 'Return all IP addresses'. Default value when not specified in API or module is interpreted by ALB Controller as 1. format: int64 maximum: 20 minimum: 0 title: |- Num dns ip type: integer ttl: default: 30 description: | Specifies the TTL value (in seconds) for records served by DNS Service. Allowed values are 0-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 30. format: int64 maximum: 86400 minimum: 0 title: |- Ttl type: integer title: |- DnsServiceApplicationProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsSrvRdata: description: |- Advanced load balancer DnsSrvRdata object properties: port: description: | Service port. Allowed values are 0-65535. format: int64 maximum: 65535 minimum: 0 title: |- Port type: integer priority: default: 0 description: | Priority of the target hosting the service, low value implies higher priority for this service record. Allowed values are 0-65535. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 65535 minimum: 0 title: |- Priority type: integer target: default: default.host description: | Canonical hostname, of the machine hosting the service, with no trailing period. 'default.host' is valid but not 'default.host.'. Default value when not specified in API or module is interpreted by ALB Controller as default.host. title: |- Target type: string weight: default: 0 description: | Relative weight for service records with same priority, high value implies higher preference for this service record. Allowed values are 0-65535. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 65535 minimum: 0 title: |- Weight type: integer required: - port title: |- DnsSrvRdata type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsTransportProtocolMatch: description: |- Advanced load balancer DnsTransportProtocolMatch object properties: match_criteria: description: | Criterion to use for matching the DNS transport protocol. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string protocol: description: | Protocol to match against transport protocol used by DNS query. Enum options - DNS_OVER_UDP, DNS_OVER_TCP. enum: - DNS_OVER_UDP - DNS_OVER_TCP type: string required: - protocol - match_criteria title: |- DnsTransportProtocolMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsTxtRdata: description: |- Advanced load balancer DnsTxtRdata object properties: text_str: description: |- Text data associated with the FQDN. title: |- Text str type: string required: - text_str title: |- DnsTxtRdata type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDnsZone: description: |- Advanced load balancer DnsZone object properties: admin_email: description: | Email address of the administrator responsible for this zone. This field is used in SOA records as rname (RFC 1035). If not configured, it is inherited from the DNS service profile. title: |- Admin email type: string domain_name: description: | Domain name authoritatively serviced by this Virtual Service. Queries for FQDNs that are sub domains of this domain and do not have any DNS record in Avi are dropped or NXDomain response sent. For domains which are present, SOA parameters are sent in answer section of response if query type is SOA. title: |- Domain name type: string name_server: description: | The primary name server for this zone. This field is used in SOA records as mname (RFC 1035). If not configured, it is inherited from the DNS service profile. If even that is not configured, the domain name is used instead. title: |- Name server type: string required: - domain_name title: |- DnsZone type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDosRateLimitProfile: description: |- Advanced load balancer DosRateLimitProfile object properties: dos_profile: $ref: '#/definitions/ALBDosThresholdProfile' rl_profile: $ref: '#/definitions/ALBRateLimiterProfile' title: |- DosRateLimitProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDosThreshold: description: |- Advanced load balancer DosThreshold object properties: attack: description: | Attack type. Enum options - LAND, SMURF, ICMP_PING_FLOOD, UNKOWN_PROTOCOL, TEARDROP, IP_FRAG_OVERRUN, IP_FRAG_TOOSMALL, IP_FRAG_FULL, IP_FRAG_INCOMPLETE, PORT_SCAN, TCP_NON_SYN_FLOOD_OLD, SYN_FLOOD, BAD_RST_FLOOD, MALFORMED_FLOOD, FAKE_SESSION, ZERO_WINDOW_STRESS, SMALL_WINDOW_STRESS, DOS_HTTP_TIMEOUT, DOS_HTTP_ERROR, DOS_HTTP_ABORT... enum: - LAND - SMURF - ICMP_PING_FLOOD - UNKOWN_PROTOCOL - TEARDROP - IP_FRAG_OVERRUN - IP_FRAG_TOOSMALL - IP_FRAG_FULL - IP_FRAG_INCOMPLETE - PORT_SCAN - TCP_NON_SYN_FLOOD_OLD - SYN_FLOOD - BAD_RST_FLOOD - MALFORMED_FLOOD - FAKE_SESSION - ZERO_WINDOW_STRESS - SMALL_WINDOW_STRESS - DOS_HTTP_TIMEOUT - DOS_HTTP_ERROR - DOS_HTTP_ABORT - DOS_SSL_ERROR - DOS_APP_ERROR - DOS_REQ_IP_RL_DROP - DOS_REQ_URI_RL_DROP - DOS_REQ_URI_SCAN_BAD_RL_DROP - DOS_REQ_URI_SCAN_UNKNOWN_RL_DROP - DOS_REQ_IP_URI_RL_DROP - DOS_CONN_IP_RL_DROP - DOS_SLOW_URL - TCP_NON_SYN_FLOOD - DOS_REQ_CIP_SCAN_BAD_RL_DROP - DOS_REQ_CIP_SCAN_UNKNOWN_RL_DROP - DOS_REQ_IP_RL_DROP_BAD - DOS_REQ_URI_RL_DROP_BAD - DOS_REQ_IP_URI_RL_DROP_BAD - POLICY_DROPS - DOS_CONN_RL_DROP - DOS_REQ_RL_DROP - DOS_REQ_HDR_RL_DROP - DOS_REQ_CUSTOM_RL_DROP - DNS_ATTACK_REFLECTION type: string max_value: description: | Maximum number of packets or connections or requests in a given interval of time to be deemed as attack. format: int64 title: |- Max value type: integer min_value: description: | Minimum number of packets or connections or requests in a given interval of time to be deemed as attack. format: int64 title: |- Min value type: integer required: - max_value - attack - min_value title: |- DosThreshold type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDosThresholdProfile: description: |- Advanced load balancer DosThresholdProfile object properties: thresh_info: description: |- Attack type, min and max values for DoS attack detection. items: $ref: '#/definitions/ALBDosThreshold' title: |- Thresh info type: array thresh_period: default: 5 description: | Timer value in seconds to collect DoS attack metrics based on threshold on the Service Engine for this Virtual Service. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 5. format: int64 title: |- Thresh period type: integer required: - thresh_period title: |- DosThresholdProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBDsrProfile: description: |- Advanced load balancer DsrProfile object properties: dsr_encap_type: default: ENCAP_IPINIP description: | Encapsulation type to use when DSR is L3. Enum options - ENCAP_IPINIP. Default value when not specified in API or module is interpreted by ALB Controller as ENCAP_IPINIP. enum: - ENCAP_IPINIP type: string dsr_type: default: DSR_TYPE_L3 description: | DSR type L2/L3. Enum options - DSR_TYPE_L2, DSR_TYPE_L3. Default value when not specified in API or module is interpreted by ALB Controller as DSR_TYPE_L3. enum: - DSR_TYPE_L2 - DSR_TYPE_L3 type: string title: |- DsrProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBEquivalentLabels: description: |- Advanced load balancer EquivalentLabels object properties: labels: description: |- Equivalent labels. items: type: string title: |- Labels type: array title: |- EquivalentLabels type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBErrorPage: description: |- Advanced load balancer ErrorPage object properties: enable: default: true description: | Enable or disable the error page. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean error_page_body_path: description: | Custom error page body used to sent to the client. It is a reference to an object of type ErrorPageBody. title: |- Error page body path type: string error_redirect: description: |- Redirect sent to client when match. title: |- Error redirect type: string index: description: |- Index of the error page. format: int64 title: |- Index type: integer match: $ref: '#/definitions/ALBHTTPStatusMatch' title: |- ErrorPage type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBErrorPageBody: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: error_page_body: description: |- Error page body sent to client when match. title: |- Error page body type: string format: default: ERROR_PAGE_FORMAT_HTML description: | Format of an error page body HTML or JSON. Enum options - ERROR_PAGE_FORMAT_HTML, ERROR_PAGE_FORMAT_JSON. Default value when not specified in API or module is interpreted by ALB Controller as ERROR_PAGE_FORMAT_HTML. enum: - ERROR_PAGE_FORMAT_HTML - ERROR_PAGE_FORMAT_JSON type: string markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer ErrorPageBody object title: |- ErrorPageBody x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBErrorPageBodyApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of ErrorPageBody items: $ref: '#/definitions/ALBErrorPageBody' title: |- Array of ErrorPageBody type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | ErrorPageBodyApiResponse title: |- ErrorPageBodyApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBErrorPageProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: error_pages: description: |- Defined Error Pages for HTTP status codes. items: $ref: '#/definitions/ALBErrorPage' title: |- Error pages type: array markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer ErrorPageProfile object title: |- ErrorPageProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBErrorPageProfileApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of ErrorPageProfile items: $ref: '#/definitions/ALBErrorPageProfile' title: |- Array of ErrorPageProfile type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | ErrorPageProfileApiResponse title: |- ErrorPageProfileApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBFailAction: description: |- Advanced load balancer FailAction object properties: local_rsp: $ref: '#/definitions/ALBFailActionHTTPLocalResponse' redirect: $ref: '#/definitions/ALBFailActionHTTPRedirect' type: default: FAIL_ACTION_CLOSE_CONN description: | Enables a response to client when pool experiences a failure. By default TCP connection is closed. Enum options - FAIL_ACTION_HTTP_REDIRECT, FAIL_ACTION_HTTP_LOCAL_RSP, FAIL_ACTION_CLOSE_CONN. Allowed in Basic(Allowed values- FAIL_ACTION_CLOSE_CONN,FAIL_ACTION_HTTP_REDIRECT) edition, Essentials(Allowed values- FAIL_ACTION_CLOSE_CONN) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as FAIL_ACTION_CLOSE_CONN. enum: - FAIL_ACTION_HTTP_REDIRECT - FAIL_ACTION_HTTP_LOCAL_RSP - FAIL_ACTION_CLOSE_CONN type: string required: - type title: |- FailAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBFailActionHTTPLocalResponse: description: |- Advanced load balancer FailActionHTTPLocalResponse object properties: file: $ref: '#/definitions/ALBHTTPLocalFile' status_code: default: FAIL_HTTP_STATUS_CODE_503 description: | Enum options - FAIL_HTTP_STATUS_CODE_200, FAIL_HTTP_STATUS_CODE_503. Default value when not specified in API or module is interpreted by ALB Controller as FAIL_HTTP_STATUS_CODE_503. enum: - FAIL_HTTP_STATUS_CODE_200 - FAIL_HTTP_STATUS_CODE_503 type: string title: |- FailActionHTTPLocalResponse type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBFailActionHTTPRedirect: description: |- Advanced load balancer FailActionHTTPRedirect object properties: host: description: |- host of FailActionHTTPRedirect. title: |- Host type: string path: description: |- path of FailActionHTTPRedirect. title: |- Path type: string protocol: default: HTTP description: | Enum options - HTTP, HTTPS. Allowed in Basic(Allowed values- HTTP) edition, Enterprise edition. Special default for Basic edition is HTTP, Enterprise is HTTPS. Default value when not specified in API or module is interpreted by ALB Controller as HTTP. enum: - HTTP - HTTPS type: string query: description: |- query of FailActionHTTPRedirect. title: |- Query type: string status_code: default: HTTP_REDIRECT_STATUS_CODE_302 description: | Enum options - HTTP_REDIRECT_STATUS_CODE_301, HTTP_REDIRECT_STATUS_CODE_302, HTTP_REDIRECT_STATUS_CODE_307. Allowed in Basic(Allowed values- HTTP_REDIRECT_STATUS_CODE_302) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as HTTP_REDIRECT_STATUS_CODE_302. enum: - HTTP_REDIRECT_STATUS_CODE_301 - HTTP_REDIRECT_STATUS_CODE_302 - HTTP_REDIRECT_STATUS_CODE_307 type: string required: - host title: |- FailActionHTTPRedirect type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBFullClientLogs: description: |- Advanced load balancer FullClientLogs object properties: duration: default: 30 description: | How long should the system capture all logs, measured in minutes. Set to 0 for infinite. Special values are 0 - 'infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30. format: int64 title: |- Duration type: integer enabled: default: false description: | Capture all client logs including connections and requests. When deactivated, only errors will be logged. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is False. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enabled type: boolean throttle: default: 10 description: | This setting limits the number of non-significant logs generated per second for this VS on each SE. Default is 10 logs per second. Set it to zero (0) to deactivate throttling. Unit is PER_SECOND. Default value when not specified in API or module is interpreted by ALB Controller as 10. format: int64 title: |- Throttle type: integer required: - enabled title: |- FullClientLogs type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBGeoLocation: description: |- Advanced load balancer GeoLocation object properties: latitude: description: | Latitude of the location. This is represented as degrees.minutes. The range is from -90.0 (south) to +90.0 (north). Allowed values are -90.0-+90.0. title: |- Latitude type: number longitude: description: | Longitude of the location. This is represented as degrees.minutes. The range is from -180.0 (west) to +180.0 (east). Allowed values are -180.0-+180.0. title: |- Longitude type: number name: description: |- Location name in the format Country/State/City. title: |- Name type: string tag: description: |- Location tag string - example USEast. title: |- Tag type: string title: |- GeoLocation type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHSMAwsCloudHsm: description: |- Advanced load balancer HSMAwsCloudHsm object properties: client_config: description: |- client_config of HSMAwsCloudHsm. title: |- Client config type: string cluster_cert: description: |- AWS CloudHSM Cluster Certificate. title: |- Cluster cert type: string crypto_user_name: description: | Username of the Crypto User. This will be used to access the keys on the HSM . title: |- Crypto user name type: string crypto_user_password: description: | Password of the Crypto User. This will be used to access the keys on the HSM . title: |- Crypto user password type: string hsm_ip: description: | IP address of the HSM in the cluster. If there are more than one HSMs, only one is sufficient. items: type: string title: |- Hsm ip type: array mgmt_config: description: |- mgmt_config of HSMAwsCloudHsm. title: |- Mgmt config type: string title: |- HSMAwsCloudHsm type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHSMSafenetClientInfo: description: |- Advanced load balancer HSMSafenetClientInfo object properties: chrystoki_conf: description: |- Generated File - Chrystoki.conf . title: |- Chrystoki conf type: string client_cert: description: |- Client Certificate generated by createCert. title: |- Client cert type: string client_ip: description: |- Name prepended to client key and certificate filename. title: |- Client ip type: string client_priv_key: description: |- Client Private Key generated by createCert. title: |- Client priv key type: string session_major_number: description: |- Major number of the sesseion. format: int64 title: |- Session major number type: integer session_minor_number: description: |- Minor number of the sesseion. format: int64 title: |- Session minor number type: integer required: - client_ip title: |- HSMSafenetClientInfo type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHSMSafenetLuna: description: |- Advanced load balancer HSMSafenetLuna object properties: ha_group_num: description: |- Group Number of generated HA Group. format: int64 title: |- Ha group num type: integer is_ha: default: false description: | Set to indicate HA across more than one servers. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is ha type: boolean node_info: description: |- Node specific information. items: $ref: '#/definitions/ALBHSMSafenetClientInfo' title: |- Node info type: array server: description: |- SafeNet/Gemalto HSM Servers used for crypto operations. items: $ref: '#/definitions/ALBHSMSafenetLunaServer' title: |- Server type: array server_pem: description: |- Generated File - server.pem. title: |- Server pem type: string use_dedicated_network: default: false description: | If enabled, dedicated network is used to communicate with HSM,else, the management network is used. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Use dedicated network type: boolean required: - is_ha title: |- HSMSafenetLuna type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHSMSafenetLunaServer: description: |- Advanced load balancer HSMSafenetLunaServer object properties: index: description: |- Number of index. format: int64 title: |- Index type: integer partition_passwd: description: |- Password of the partition assigned to this client. title: |- Partition passwd type: string partition_serial_number: description: |- Serial number of the partition assigned to this client. title: |- Partition serial number type: string remote_ip: description: |- IP address of the Safenet/Gemalto HSM device. title: |- Remote ip type: string server_cert: description: |- CA certificate of the server. title: |- Server cert type: string required: - index - remote_ip - server_cert title: |- HSMSafenetLunaServer type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHSMThalesNetHsm: description: |- Advanced load balancer HSMThalesNetHsm object properties: esn: description: | Electronic serial number of the netHSM device. Use Thales anonkneti utility to find the netHSM ESN. title: |- Esn type: string keyhash: description: | Hash of the key that netHSM device uses to authenticate itself. Use Thales anonkneti utility to find the netHSM keyhash. title: |- Keyhash type: string module_id: default: 0 description: | Local module id of the netHSM device. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Module id type: integer priority: default: 100 description: | Priority class of the nethsm in an high availability setup. 1 is the highest priority and 100 is the lowest priority. Allowed values are 1-100. Default value when not specified in API or module is interpreted by ALB Controller as 100. format: int64 maximum: 100 minimum: 1 title: |- Priority type: integer remote_ip: $ref: '#/definitions/ALBIpAddr' remote_port: default: 9004 description: | Port at which the netHSM device accepts the connection. Allowed values are 1-65535. Default value when not specified in API or module is interpreted by ALB Controller as 9004. format: int64 maximum: 65535 minimum: 1 title: |- Remote port type: integer required: - priority - esn - keyhash - remote_ip title: |- HSMThalesNetHsm type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHSMThalesRFS: description: |- Advanced load balancer HSMThalesRFS object properties: ip: $ref: '#/definitions/ALBIpAddr' port: default: 9004 description: | Port at which the RFS server accepts the sync request from clients for Thales encrypted private key. Allowed values are 1-65535. Default value when not specified in API or module is interpreted by ALB Controller as 9004. format: int64 maximum: 65535 minimum: 1 title: |- Port type: integer required: - ip title: |- HSMThalesRFS type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTP2ApplicationProfile: description: |- Advanced load balancer HTTP2ApplicationProfile object properties: http2_initial_window_size: default: 64 description: | The initial flow control window size in KB for HTTP/2 streams. Allowed values are 64-32768. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 64. format: int64 maximum: 32768 minimum: 64 title: |- Http2 initial window size type: integer max_http2_concurrent_streams_per_connection: default: 128 description: | The max number of concurrent streams over a client side HTTP/2 connection. Allowed values are 1-256. Default value when not specified in API or module is interpreted by ALB Controller as 128. format: int64 maximum: 256 minimum: 1 title: |- Max http2 concurrent streams per connection type: integer max_http2_control_frames_per_connection: default: 1000 description: | The max number of control frames that client can send over an HTTP/2 connection. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited control frames on a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000. format: int64 maximum: 10000 minimum: 0 title: |- Max http2 control frames per connection type: integer max_http2_empty_data_frames_per_connection: default: 1000 description: | The max number of empty data frames that client can send over an HTTP/2 connection. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited empty data frames over a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000. format: int64 maximum: 10000 minimum: 0 title: |- Max http2 empty data frames per connection type: integer max_http2_header_field_size: default: 4096 description: | The maximum size in bytes of the compressed request header field. The limit applies equally to both name and value. Allowed values are 1-8192. Unit is BYTES. Default value when not specified in API or module is interpreted by ALB Controller as 4096. format: int64 maximum: 8192 minimum: 1 title: |- Max http2 header field size type: integer max_http2_queued_frames_to_client_per_connection: default: 1000 description: | The max number of frames that can be queued waiting to be sent over a client side HTTP/2 connection at any given time. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited frames can be queued on a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000. format: int64 maximum: 10000 minimum: 0 title: |- Max http2 queued frames to client per connection type: integer max_http2_requests_per_connection: default: 1000 description: | The maximum number of requests over a client side HTTP/2 connection. Allowed values are 0-10000. Special values are 0- 'Unlimited requests on a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000. format: int64 maximum: 10000 minimum: 0 title: |- Max http2 requests per connection type: integer title: |- HTTP2ApplicationProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPApplicationProfile: description: |- Advanced load balancer HTTPApplicationProfile object properties: allow_dots_in_header_name: default: false description: | Allow use of dot (.) in HTTP header names, for instance Header.app.special PickAppVersionX. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Allow dots in header name type: boolean cache_config: $ref: '#/definitions/ALBHttpCacheConfig' client_body_timeout: default: 30000 description: | The maximum length of time allowed between consecutive read operations for a client request body. The value '0' specifies no timeout. This setting generally impacts the length of time allowed for a client to send a POST. Allowed values are 0-100000000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 30000) edition, Essentials(Allowed values- 30000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 30000. format: int64 maximum: 100000000 minimum: 0 title: |- Client body timeout type: integer client_header_timeout: default: 10000 description: | The maximum length of time allowed for a client to transmit an entire request header. This helps mitigate various forms of SlowLoris attacks. Allowed values are 10-100000000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 10000) edition, Essentials(Allowed values- 10000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10000. format: int64 maximum: 100000000 minimum: 10 title: |- Client header timeout type: integer client_max_body_size: default: 0 description: | Maximum size for the client request body. This limits the size of the client data that can be uploaded/posted as part of a single HTTP Request. Default 0 => Unlimited. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Client max body size type: integer client_max_header_size: default: 12 description: | Maximum size in Kbytes of a single HTTP header in the client request. Allowed values are 1-64. Unit is KB. Allowed in Basic(Allowed values- 12) edition, Essentials(Allowed values- 12) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 12. format: int64 maximum: 64 minimum: 1 title: |- Client max header size type: integer client_max_request_size: default: 48 description: | Maximum size in Kbytes of all the client HTTP request headers. Allowed values are 1-256. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 48. format: int64 maximum: 256 minimum: 1 title: |- Client max request size type: integer compression_profile: $ref: '#/definitions/ALBCompressionProfile' connection_multiplexing_enabled: default: true description: | Allows HTTP requests, not just TCP connections, to be load balanced across servers. Proxied TCP connections to servers may be reused by multiple clients to improve performance. Not compatible with Preserve Client IP. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Connection multiplexing enabled type: boolean disable_keepalive_posts_msie6: default: true description: | Disable keep-alive client side connections for older browsers based off MS Internet Explorer 6.0 (MSIE6). For some applications, this might break NTLM authentication for older clients based off MSIE6. For such applications, set this option to false to allow keep-alive connections. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Disable keepalive posts msie6 type: boolean disable_sni_hostname_check: default: false description: | Disable strict check between TLS servername and HTTP Host name. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Disable sni hostname check type: boolean enable_chunk_merge: default: true description: | Enable chunk body merge for chunked transfer encoding response. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable chunk merge type: boolean enable_fire_and_forget: default: false description: | Enable support for fire and forget feature. If enabled, request from client is forwarded to server even if client prematurely closes the connection. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable fire and forget type: boolean enable_request_body_buffering: default: false description: | Enable request body buffering for POST requests. If enabled, max buffer size is set to lower of 32M or the value (non-zero) configured in client_max_body_size. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable request body buffering type: boolean enable_request_body_metrics: default: false description: | Enable HTTP request body metrics. If enabled, requests from clients are parsed and relevant statistics about them are gathered. Currently, it processes HTTP POST requests with Content-Type application/x-www-form-urlencoded or multipart/form-data, and adds the number of detected parameters to the l7_client.http_params_count. This is an experimental feature and it may have performance impact. Use it when detailed information about the number of HTTP POST parameters is needed, e.g. for WAF sizing. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable request body metrics type: boolean fwd_close_hdr_for_bound_connections: default: true description: | Forward the Connection Close header coming from backend server to the client if connection-switching is enabled, i.e. front-end and backend connections are bound together. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Fwd close hdr for bound connections type: boolean hsts_enabled: default: false description: | Inserts HTTP Strict-Transport-Security header in the HTTPS response. HSTS can help mitigate man-in-the-middle attacks by telling browsers that support HSTS that they should only access this site via HTTPS. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Hsts enabled type: boolean hsts_max_age: default: 365 description: | Number of days for which the client should regard this virtual service as a known HSTS host. Allowed values are 0-10000. Allowed in Basic(Allowed values- 365) edition, Essentials(Allowed values- 365) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 365. format: int64 maximum: 10000 minimum: 0 title: |- Hsts max age type: integer hsts_subdomains_enabled: default: false description: | Insert the 'includeSubdomains' directive in the HTTP Strict-Transport-Security header. Adding the includeSubdomains directive signals the User-Agent that the HSTS Policy applies to this HSTS Host as well as any subdomains of the host's domain name. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Hsts subdomains enabled type: boolean http2_profile: $ref: '#/definitions/ALBHTTP2ApplicationProfile' http_to_https: default: false description: | Client requests received via HTTP will be redirected to HTTPS. Allowed in Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Http to https type: boolean http_upstream_buffer_size: default: 0 description: | Size of HTTP buffer in kB. Allowed values are 1-256. Special values are 0- 'Auto compute the size of buffer'. Unit is KB. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 256 minimum: 0 title: |- Http upstream buffer size type: integer httponly_enabled: default: false description: | Mark HTTP cookies as HTTPonly. This helps mitigate cross site scripting attacks as browsers will not allow these cookies to be read by third parties, such as javascript. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Httponly enabled type: boolean keepalive_header: default: false description: | Send HTTP 'Keep-Alive' header to the client. By default, the timeout specified in the 'Keep-Alive Timeout' field will be used unless the 'Use App Keepalive Timeout' flag is set, in which case the timeout sent by the application will be honored. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Keepalive header type: boolean keepalive_timeout: default: 30000 description: | The max idle time allowed between HTTP requests over a Keep-alive connection. Allowed values are 10-100000000. Unit is MILLISECONDS. Allowed in Essentials(Allowed values- 30000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 30000. format: int64 maximum: 100000000 minimum: 10 title: |- Keepalive timeout type: integer max_bad_rps_cip: default: 0 description: | Maximum bad requests per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1000 minimum: 0 title: |- Max bad rps cip type: integer max_bad_rps_cip_uri: default: 0 description: | Maximum bad requests per second per client IP and URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1000 minimum: 0 title: |- Max bad rps cip uri type: integer max_bad_rps_uri: default: 0 description: | Maximum bad requests per second per URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1000 minimum: 0 title: |- Max bad rps uri type: integer max_keepalive_requests: default: 100 description: | The max number of HTTP requests that can be sent over a Keep-Alive connection. '0' means unlimited. Allowed values are 0-1000000. Special values are 0- 'Unlimited requests on a connection'. Allowed in Basic(Allowed values- 100) edition, Essentials(Allowed values- 100) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 100. format: int64 maximum: 1000000 minimum: 0 title: |- Max keepalive requests type: integer max_response_headers_size: default: 48 description: | Maximum size in Kbytes of all the HTTP response headers. Allowed values are 1-256. Unit is KB. Allowed in Basic(Allowed values- 48) edition, Essentials(Allowed values- 48) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 48. format: int64 maximum: 256 minimum: 1 title: |- Max response headers size type: integer max_rps_cip: default: 0 description: | Maximum requests per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1000 minimum: 0 title: |- Max rps cip type: integer max_rps_cip_uri: default: 0 description: | Maximum requests per second per client IP and URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1000 minimum: 0 title: |- Max rps cip uri type: integer max_rps_unknown_cip: default: 0 description: | Maximum unknown client IPs per second. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1000 minimum: 0 title: |- Max rps unknown cip type: integer max_rps_unknown_uri: default: 0 description: | Maximum unknown URIs per second. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1000 minimum: 0 title: |- Max rps unknown uri type: integer max_rps_uri: default: 0 description: | Maximum requests per second per URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1000 minimum: 0 title: |- Max rps uri type: integer pki_profile_path: description: | Select the PKI profile to be associated with the Virtual Service. This profile defines the Certificate Authority and Revocation List. It is a reference to an object of type PKIProfile. title: |- Pki profile path type: string post_accept_timeout: default: 30000 description: | The max allowed length of time between a client establishing a TCP connection and Avi receives the first byte of the client's HTTP request. Allowed values are 10-100000000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 30000) edition, Essentials(Allowed values- 30000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 30000. format: int64 maximum: 100000000 minimum: 10 title: |- Post accept timeout type: integer reset_conn_http_on_ssl_port: default: false description: | If enabled, an HTTP request on an SSL port will result in connection close instead of a 400 response. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Reset conn http on ssl port type: boolean respond_with_100_continue: default: true description: "Avi will respond with 100-Continue response if Expect \n100-Continue\ \ header received from client.\nDefault value when not specified in API\ \ or module is\ninterpreted by ALB Controller as true.\n" title: |- Respond with 100 continue type: boolean secure_cookie_enabled: default: false description: | Mark server cookies with the 'Secure' attribute. Client browsers will not send a cookie marked as secure over an unencrypted connection. If Avi is terminating SSL from clients and passing it as HTTP to the server, the server may return cookies without the secure flag set. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Secure cookie enabled type: boolean server_side_redirect_to_https: default: false description: | When terminating client SSL sessions at Avi, servers may incorrectly send redirect to clients as HTTP. This option will rewrite the server's redirect responses for this virtual service from HTTP to HTTPS. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Server side redirect to https type: boolean ssl_client_certificate_action: $ref: '#/definitions/ALBSSLClientCertificateAction' ssl_client_certificate_mode: default: SSL_CLIENT_CERTIFICATE_NONE description: | Specifies whether the client side verification is set to none, request or require. Enum options - SSL_CLIENT_CERTIFICATE_NONE, SSL_CLIENT_CERTIFICATE_REQUEST, SSL_CLIENT_CERTIFICATE_REQUIRE. Allowed in Basic(Allowed values- SSL_CLIENT_CERTIFICATE_NONE,SSL_CLIENT_CERTIFICATE_REQUIRE) edition, Essentials(Allowed values- SSL_CLIENT_CERTIFICATE_NONE,SSL_CLIENT_CERTIFICATE_REQUIRE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CLIENT_CERTIFICATE_NONE. enum: - SSL_CLIENT_CERTIFICATE_NONE - SSL_CLIENT_CERTIFICATE_REQUEST - SSL_CLIENT_CERTIFICATE_REQUIRE type: string use_app_keepalive_timeout: default: false description: | Use 'Keep-Alive' header timeout sent by application instead of sending the HTTP Keep-Alive Timeout. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Use app keepalive timeout type: boolean websockets_enabled: default: true description: | Enable Websockets proxy for traffic from clients to the virtual service. Connections to this VS start in HTTP mode. If the client requests an Upgrade to Websockets, and the server responds back with success, then the connection is upgraded to WebSockets mode. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Websockets enabled type: boolean x_forwarded_proto_enabled: default: false description: | Insert an X-Forwarded-Proto header in the request sent to the server. When the client connects via SSL, Avi terminates the SSL, and then forwards the requests to the servers via HTTP, so the servers can determine the original protocol via this header. In this example, the value will be 'https'. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- X forwarded proto enabled type: boolean xff_alternate_name: default: X-Forwarded-For description: | Provide a custom name for the X-Forwarded-For header sent to the servers. Default value when not specified in API or module is interpreted by ALB Controller as X-Forwarded-For. title: |- Xff alternate name type: string xff_enabled: default: true description: | The client's original IP address is inserted into an HTTP request header sent to the server. Servers may use this address for logging or other purposes, rather than Avi's source NAT address used in the Avi to server IP connection. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Xff enabled type: boolean title: |- HTTPApplicationProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPClientAuthenticationParams: description: |- Advanced load balancer HTTPClientAuthenticationParams object properties: auth_profile_path: description: | Auth Profile to use for validating users. It is a reference to an object of type AuthProfile. title: |- Auth profile path type: string realm: description: | Basic authentication realm to present to a user along with the prompt for credentials. title: |- Realm type: string request_uri_path: $ref: '#/definitions/ALBStringMatch' type: description: | type of client authentication. Enum options - HTTP_BASIC_AUTH. enum: - HTTP_BASIC_AUTH type: string title: |- HTTPClientAuthenticationParams type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPCookieData: description: |- Advanced load balancer HTTPCookieData object properties: name: description: |- Cookie name. title: |- Name type: string value: description: |- Cookie value. title: |- Value type: string title: |- HTTPCookieData type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPHdrAction: description: |- Advanced load balancer HTTPHdrAction object properties: action: description: | ADD A new header with the new value is added irrespective of the existence of an HTTP header of the given name. REPLACE A new header with the new value is added if no header of the given name exists, else existing headers with the given name are removed and a new header with the new value is added. REMOVE All the headers of the given name are removed. Enum options - HTTP_ADD_HDR, HTTP_REMOVE_HDR, HTTP_REPLACE_HDR. Allowed in Basic(Allowed values- HTTP_REMOVE_HDR,HTTP_REPLACE_HDR) edition, Essentials(Allowed values- HTTP_REMOVE_HDR,HTTP_REPLACE_HDR) edition, Enterprise edition. enum: - HTTP_ADD_HDR - HTTP_REMOVE_HDR - HTTP_REPLACE_HDR type: string cookie: $ref: '#/definitions/ALBHTTPCookieData' hdr: $ref: '#/definitions/ALBHTTPHdrData' required: - action title: |- HTTPHdrAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPHdrData: description: |- Advanced load balancer HTTPHdrData object properties: name: description: |- HTTP header name. title: |- Name type: string value: $ref: '#/definitions/ALBHTTPHdrValue' title: |- HTTPHdrData type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPHdrValue: description: |- Advanced load balancer HTTPHdrValue object properties: val: description: |- HTTP header value or variable representing an HTTP header. title: |- Val type: string var: description: | Variable. Enum options - HTTP_POLICY_VAR_CLIENT_IP, HTTP_POLICY_VAR_VS_PORT, HTTP_POLICY_VAR_VS_IP, HTTP_POLICY_VAR_HTTP_HDR, HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT, HTTP_POLICY_VAR_SSL_CLIENT_SERIAL, HTTP_POLICY_VAR_SSL_CLIENT_ISSUER, HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT, HTTP_POLICY_VAR_SSL_CLIENT_RAW, HTTP_POLICY_VAR_SSL_PROTOCOL, HTTP_POLICY_VAR_SSL_SERVER_NAME, HTTP_POLICY_VAR_USER_NAME, HTTP_POLICY_VAR_SSL_CIPHER, HTTP_POLICY_VAR_REQUEST_ID, HTTP_POLICY_VAR_SSL_CLIENT_VERSION, HTTP_POLICY_VAR_SSL_CLIENT_SIGALG, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDBEFORE, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDAFTER. enum: - HTTP_POLICY_VAR_CLIENT_IP - HTTP_POLICY_VAR_VS_PORT - HTTP_POLICY_VAR_VS_IP - HTTP_POLICY_VAR_HTTP_HDR - HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT - HTTP_POLICY_VAR_SSL_CLIENT_SERIAL - HTTP_POLICY_VAR_SSL_CLIENT_ISSUER - HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT - HTTP_POLICY_VAR_SSL_CLIENT_RAW - HTTP_POLICY_VAR_SSL_PROTOCOL - HTTP_POLICY_VAR_SSL_SERVER_NAME - HTTP_POLICY_VAR_USER_NAME - HTTP_POLICY_VAR_SSL_CIPHER - HTTP_POLICY_VAR_REQUEST_ID - HTTP_POLICY_VAR_SSL_CLIENT_VERSION - HTTP_POLICY_VAR_SSL_CLIENT_SIGALG - HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDBEFORE - HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDAFTER type: string title: |- HTTPHdrValue type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPLocalFile: description: |- Advanced load balancer HTTPLocalFile object properties: content_type: description: |- Mime-type of the content in the file. title: |- Content type type: string file_content: description: |- File content to used in the local HTTP response body. title: |- File content type: string required: - file_content - content_type title: |- HTTPLocalFile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPPolicies: description: |- Advanced load balancer HTTPPolicies object properties: http_policy_set_path: description: | path of the virtual service HTTP policy collection. It is a reference to an object of type HTTPPolicySet. title: |- Http policy set path type: string index: description: |- Index of the virtual service HTTP policy collection. format: int64 title: |- Index type: integer required: - index - http_policy_set_path title: |- HTTPPolicies type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPPolicySet: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cloud_config_cksum: description: | Checksum of cloud configuration for Pool. Internally set by cloud connector. title: |- Cloud config cksum type: string created_by: description: |- Creator name. title: |- Created by type: string http_request_policy: $ref: '#/definitions/ALBHTTPRequestPolicy' http_response_policy: $ref: '#/definitions/ALBHTTPResponsePolicy' http_security_policy: $ref: '#/definitions/ALBHTTPSecurityPolicy' is_internal_policy: default: false description: | Placeholder for description of property is_internal_policy of obj type HTTPPolicySet field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is internal policy type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer HTTPPolicySet object title: |- HTTPPolicySet x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPPolicySetApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of HTTPPolicySet items: $ref: '#/definitions/ALBHTTPPolicySet' title: |- Array of HTTPPolicySet type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | HTTPPolicySetApiResponse title: |- HTTPPolicySetApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPRedirectAction: description: |- Advanced load balancer HTTPRedirectAction object properties: host: $ref: '#/definitions/ALBURIParam' keep_query: default: true description: | Keep or drop the query of the incoming request URI in the redirected URI. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Keep query type: boolean path: $ref: '#/definitions/ALBURIParam' port: description: | Port to which redirect the request. Allowed values are 1-65535. format: int64 maximum: 65535 minimum: 1 title: |- Port type: integer protocol: description: | Protocol type. Enum options - HTTP, HTTPS. enum: - HTTP - HTTPS type: string status_code: default: HTTP_REDIRECT_STATUS_CODE_302 description: | HTTP redirect status code. Enum options - HTTP_REDIRECT_STATUS_CODE_301, HTTP_REDIRECT_STATUS_CODE_302, HTTP_REDIRECT_STATUS_CODE_307. Default value when not specified in API or module is interpreted by ALB Controller as HTTP_REDIRECT_STATUS_CODE_302. enum: - HTTP_REDIRECT_STATUS_CODE_301 - HTTP_REDIRECT_STATUS_CODE_302 - HTTP_REDIRECT_STATUS_CODE_307 type: string required: - protocol title: |- HTTPRedirectAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPRequestPolicy: description: |- Advanced load balancer HTTPRequestPolicy object properties: rules: description: |- Add rules to the HTTP request policy. items: $ref: '#/definitions/ALBHTTPRequestRule' title: |- Rules type: array title: |- HTTPRequestPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPRequestRule: description: |- Advanced load balancer HTTPRequestRule object properties: all_headers: description: |- Log all HTTP headers upon rule match. title: |- All headers type: boolean enable: default: true description: | Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean hdr_action: description: |- HTTP header rewrite action. items: $ref: '#/definitions/ALBHTTPHdrAction' title: |- Hdr action type: array index: description: |- Index of the rule. format: int64 title: |- Index type: integer log: description: |- Log HTTP request upon rule match. title: |- Log type: boolean match: $ref: '#/definitions/ALBMatchTarget' name: description: |- Name of the rule. title: |- Name type: string redirect_action: $ref: '#/definitions/ALBHTTPRedirectAction' rewrite_url_action: $ref: '#/definitions/ALBHTTPRewriteURLAction' switching_action: $ref: '#/definitions/ALBHTTPSwitchingAction' required: - index - enable - name title: |- HTTPRequestRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPReselectRespCode: description: |- Advanced load balancer HTTPReselectRespCode object properties: codes: description: | HTTP response code to be matched. Allowed values are 400-599. items: format: int64 type: integer title: |- Codes type: array ranges: description: |- HTTP response code ranges to match. items: $ref: '#/definitions/ALBHTTPStatusRange' title: |- Ranges type: array resp_code_block: description: | Block of HTTP response codes to match for server reselect. Enum options - HTTP_RSP_4XX, HTTP_RSP_5XX. items: description: |- Valid ENUM values for ALBHttpReselectRespCodeBlock enum: - HTTP_RSP_4XX - HTTP_RSP_5XX type: string title: |- Resp code block type: array title: |- HTTPReselectRespCode type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPResponsePolicy: description: |- Advanced load balancer HTTPResponsePolicy object properties: rules: description: |- Add rules to the HTTP response policy. items: $ref: '#/definitions/ALBHTTPResponseRule' title: |- Rules type: array title: |- HTTPResponsePolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPResponseRule: description: |- Advanced load balancer HTTPResponseRule object properties: all_headers: description: |- Log all HTTP headers upon rule match. title: |- All headers type: boolean enable: default: true description: | Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean hdr_action: description: |- HTTP header rewrite action. items: $ref: '#/definitions/ALBHTTPHdrAction' title: |- Hdr action type: array index: description: |- Index of the rule. format: int64 title: |- Index type: integer loc_hdr_action: $ref: '#/definitions/ALBHTTPRewriteLocHdrAction' log: description: |- Log HTTP request upon rule match. title: |- Log type: boolean match: $ref: '#/definitions/ALBResponseMatchTarget' name: description: |- Name of the rule. title: |- Name type: string required: - index - enable - name title: |- HTTPResponseRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPRewriteLocHdrAction: description: |- Advanced load balancer HTTPRewriteLocHdrAction object properties: host: $ref: '#/definitions/ALBURIParam' keep_query: default: true description: | Keep or drop the query from the server side redirect URI. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Keep query type: boolean path: $ref: '#/definitions/ALBURIParam' port: description: | Port to use in the redirected URI. Allowed values are 1-65535. format: int64 maximum: 65535 minimum: 1 title: |- Port type: integer protocol: description: | HTTP protocol type. Enum options - HTTP, HTTPS. enum: - HTTP - HTTPS type: string required: - protocol title: |- HTTPRewriteLocHdrAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPRewriteURLAction: description: |- Advanced load balancer HTTPRewriteURLAction object properties: host_hdr: $ref: '#/definitions/ALBURIParam' path: $ref: '#/definitions/ALBURIParam' query: $ref: '#/definitions/ALBURIParamQuery' title: |- HTTPRewriteURLAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPSecurityAction: description: |- Advanced load balancer HTTPSecurityAction object properties: action: description: | Type of the security action to perform. Enum options - HTTP_SECURITY_ACTION_CLOSE_CONN, HTTP_SECURITY_ACTION_SEND_RESPONSE, HTTP_SECURITY_ACTION_ALLOW, HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS, HTTP_SECURITY_ACTION_RATE_LIMIT, HTTP_SECURITY_ACTION_REQUEST_CHECK_ICAP. Allowed in Basic(Allowed values- HTTP_SECURITY_ACTION_CLOSE_CONN,HTTP_SECURITY_ACTION_SEND_RESPONSE,HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS) edition, Essentials(Allowed values- HTTP_SECURITY_ACTION_CLOSE_CONN,HTTP_SECURITY_ACTION_SEND_RESPONSE,HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS) edition, Enterprise edition. enum: - HTTP_SECURITY_ACTION_CLOSE_CONN - HTTP_SECURITY_ACTION_SEND_RESPONSE - HTTP_SECURITY_ACTION_ALLOW - HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS - HTTP_SECURITY_ACTION_RATE_LIMIT - HTTP_SECURITY_ACTION_REQUEST_CHECK_ICAP type: string file: $ref: '#/definitions/ALBHTTPLocalFile' https_port: description: | Secure SSL/TLS port to redirect the HTTP request to. Allowed values are 1-65535. format: int64 maximum: 65535 minimum: 1 title: |- Https port type: integer rate_profile: $ref: '#/definitions/ALBHTTPSecurityActionRateProfile' status_code: description: | HTTP status code to use for local response. Enum options - HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501. enum: - HTTP_LOCAL_RESPONSE_STATUS_CODE_200 - HTTP_LOCAL_RESPONSE_STATUS_CODE_204 - HTTP_LOCAL_RESPONSE_STATUS_CODE_403 - HTTP_LOCAL_RESPONSE_STATUS_CODE_404 - HTTP_LOCAL_RESPONSE_STATUS_CODE_429 - HTTP_LOCAL_RESPONSE_STATUS_CODE_501 type: string required: - action title: |- HTTPSecurityAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPSecurityActionRateProfile: description: |- Advanced load balancer HTTPSecurityActionRateProfile object properties: action: $ref: '#/definitions/ALBRateLimiterAction' per_client_ip: description: |- Rate limiting should be done on a per client ip basis. title: |- Per client ip type: boolean per_uri_path: description: | Rate limiting should be done on a per request uri path basis. title: |- Per uri path type: boolean rate_limiter: $ref: '#/definitions/ALBRateLimiter' required: - action - rate_limiter title: |- HTTPSecurityActionRateProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPSecurityPolicy: description: |- Advanced load balancer HTTPSecurityPolicy object properties: rules: description: |- Add rules to the HTTP security policy. items: $ref: '#/definitions/ALBHTTPSecurityRule' title: |- Rules type: array title: |- HTTPSecurityPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPSecurityRule: description: |- Advanced load balancer HTTPSecurityRule object properties: action: $ref: '#/definitions/ALBHTTPSecurityAction' enable: default: true description: | Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean index: description: |- Index of the rule. format: int64 title: |- Index type: integer log: description: |- Log HTTP request upon rule match. title: |- Log type: boolean match: $ref: '#/definitions/ALBMatchTarget' name: description: |- Name of the rule. title: |- Name type: string required: - index - enable - name title: |- HTTPSecurityRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPServerReselect: description: |- Advanced load balancer HTTPServerReselect object properties: enabled: default: false description: | Enable HTTP request reselect when server responds with specific response codes. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enabled type: boolean num_retries: default: 4 description: | Number of times to retry an HTTP request when server responds with configured status codes. Default value when not specified in API or module is interpreted by ALB Controller as 4. format: int64 minimum: 0 title: |- Num retries type: integer retry_nonidempotent: default: false description: | Allow retry of non-idempotent HTTP requests. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Retry nonidempotent type: boolean retry_timeout: default: 0 description: | Timeout per retry attempt, for a given request. Value of 0 indicates default timeout. Allowed values are 0-3600000. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 3600000 minimum: 0 title: |- Retry timeout type: integer svr_resp_code: $ref: '#/definitions/ALBHTTPReselectRespCode' required: - enabled title: |- HTTPServerReselect type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPStatusMatch: description: |- Advanced load balancer HTTPStatusMatch object properties: match_criteria: description: | Criterion to use for matching the HTTP response status code(s). Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string ranges: description: |- HTTP response status code range(s). items: $ref: '#/definitions/ALBHTTPStatusRange' title: |- Ranges type: array status_codes: description: |- HTTP response status code(s). items: format: int64 type: integer title: |- Status codes type: array required: - match_criteria title: |- HTTPStatusMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPStatusRange: description: |- Advanced load balancer HTTPStatusRange object properties: begin: description: |- Starting HTTP response status code. format: int64 title: |- Begin type: integer end: description: |- Ending HTTP response status code. format: int64 title: |- End type: integer required: - begin - end title: |- HTTPStatusRange type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPSwitchingAction: description: |- Advanced load balancer HTTPSwitchingAction object properties: action: description: | Content switching action type. Enum options - HTTP_SWITCHING_SELECT_POOL, HTTP_SWITCHING_SELECT_LOCAL, HTTP_SWITCHING_SELECT_POOLGROUP. Allowed in Essentials(Allowed values- HTTP_SWITCHING_SELECT_POOL,HTTP_SWITCHING_SELECT_LOCAL) edition, Enterprise edition. enum: - HTTP_SWITCHING_SELECT_POOL - HTTP_SWITCHING_SELECT_LOCAL - HTTP_SWITCHING_SELECT_POOLGROUP type: string file: $ref: '#/definitions/ALBHTTPLocalFile' pool_group_path: description: | path of the pool group to serve the request. It is a reference to an object of type PoolGroup. title: |- Pool group path type: string pool_path: description: | path of the pool of servers to serve the request. It is a reference to an object of type Pool. title: |- Pool path type: string server: $ref: '#/definitions/ALBPoolServer' status_code: description: | HTTP status code to use when serving local response. Enum options - HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501. enum: - HTTP_LOCAL_RESPONSE_STATUS_CODE_200 - HTTP_LOCAL_RESPONSE_STATUS_CODE_204 - HTTP_LOCAL_RESPONSE_STATUS_CODE_403 - HTTP_LOCAL_RESPONSE_STATUS_CODE_404 - HTTP_LOCAL_RESPONSE_STATUS_CODE_429 - HTTP_LOCAL_RESPONSE_STATUS_CODE_501 type: string required: - action title: |- HTTPSwitchingAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHTTPVersionMatch: description: |- Advanced load balancer HTTPVersionMatch object properties: match_criteria: description: | Criterion to use for HTTP version matching the version used in the HTTP request. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string versions: description: | HTTP protocol version. Enum options - ZERO_NINE, ONE_ZERO, ONE_ONE, TWO_ZERO. Minimum of 1 items required. Maximum of 8 items allowed. Allowed in Basic(Allowed values- ONE_ZERO,ONE_ONE) edition, Essentials(Allowed values- ONE_ZERO,ONE_ONE) edition, Enterprise edition. items: description: |- Valid ENUM values for ALBHTTPVersion enum: - ZERO_NINE - ONE_ZERO - ONE_ONE - TWO_ZERO type: string title: |- Versions type: array required: - versions - match_criteria title: |- HTTPVersionMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHardwareSecurityModule: description: |- Advanced load balancer HardwareSecurityModule object properties: cloudhsm: $ref: '#/definitions/ALBHSMAwsCloudHsm' nethsm: description: |- Thales netHSM specific configuration. items: $ref: '#/definitions/ALBHSMThalesNetHsm' title: |- Nethsm type: array rfs: $ref: '#/definitions/ALBHSMThalesRFS' sluna: $ref: '#/definitions/ALBHSMSafenetLuna' type: description: | HSM type to use. Enum options - HSM_TYPE_THALES_NETHSM, HSM_TYPE_SAFENET_LUNA, HSM_TYPE_AWS_CLOUDHSM. enum: - HSM_TYPE_THALES_NETHSM - HSM_TYPE_SAFENET_LUNA - HSM_TYPE_AWS_CLOUDHSM type: string required: - type title: |- HardwareSecurityModule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHardwareSecurityModuleGroup: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: hsm: $ref: '#/definitions/ALBHardwareSecurityModule' markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array required: - hsm type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer HardwareSecurityModuleGroup object title: |- HardwareSecurityModuleGroup x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHardwareSecurityModuleGroupApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of HardwareSecurityModuleGroup items: $ref: '#/definitions/ALBHardwareSecurityModuleGroup' title: |- Array of HardwareSecurityModuleGroup type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | HardwareSecurityModuleGroupApiResponse title: |- HardwareSecurityModuleGroupApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHdrMatch: description: |- Advanced load balancer HdrMatch object properties: hdr: description: |- Name of the HTTP header whose value is to be matched. title: |- Hdr type: string match_case: default: INSENSITIVE description: | Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. enum: - SENSITIVE - INSENSITIVE type: string match_criteria: description: | Criterion to use for matching headers in the HTTP request. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. enum: - HDR_EXISTS - HDR_DOES_NOT_EXIST - HDR_BEGINS_WITH - HDR_DOES_NOT_BEGIN_WITH - HDR_CONTAINS - HDR_DOES_NOT_CONTAIN - HDR_ENDS_WITH - HDR_DOES_NOT_END_WITH - HDR_EQUALS - HDR_DOES_NOT_EQUAL type: string value: description: |- String values to match in the HTTP header. items: type: string title: |- Value type: array required: - hdr - match_criteria title: |- HdrMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHdrPersistenceProfile: description: |- Advanced load balancer HdrPersistenceProfile object properties: prst_hdr_name: description: |- Header name for custom header persistence. title: |- Prst hdr name type: string title: |- HdrPersistenceProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitor: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: allow_duplicate_monitors: description: | By default, multiple instances of the same healthmonitor to the same server are suppressed intelligently. In rare cases, the monitor may have specific constructs that go beyond the server keys (ip, port, etc.) during which such suppression is not desired. Use this knob to allow duplicates. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. title: |- Allow duplicate monitors type: boolean authentication: $ref: '#/definitions/ALBHealthMonitorAuthInfo' disable_quickstart: description: | During addition of a server or healthmonitors or during bootup, Avi performs sequential health checks rather than waiting for send-interval to kick in, to mark the server up as soon as possible. This knob may be used to turn this feature off. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. title: |- Disable quickstart type: boolean dns_monitor: $ref: '#/definitions/ALBHealthMonitorDNS' external_monitor: $ref: '#/definitions/ALBHealthMonitorExternal' failed_checks: default: 2 description: | Number of continuous failed health checks before the server is marked down. Allowed values are 1-50. Default value when not specified in API or module is interpreted by ALB Controller as 2. format: int64 maximum: 50 minimum: 1 title: |- Failed checks type: integer http_monitor: $ref: '#/definitions/ALBHealthMonitorHttp' https_monitor: $ref: '#/definitions/ALBHealthMonitorHttp' imap_monitor: $ref: '#/definitions/ALBHealthMonitorImap' imaps_monitor: $ref: '#/definitions/ALBHealthMonitorImap' is_federated: default: false description: | This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is federated type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array monitor_port: description: | Use this port instead of the port defined for the server in the Pool. If the monitor succeeds to this port, the load balanced traffic will still be sent to the port of the server defined within the Pool. Allowed values are 1-65535. Special values are 0 - 'Use server port'. format: int64 maximum: 65535 minimum: 0 title: |- Monitor port type: integer pop3_monitor: $ref: '#/definitions/ALBHealthMonitorPop3' pop3s_monitor: $ref: '#/definitions/ALBHealthMonitorPop3' radius_monitor: $ref: '#/definitions/ALBHealthMonitorRadius' receive_timeout: default: 4 description: | A valid response from the server is expected within the receive timeout window. This timeout must be less than the send interval. If server status is regularly flapping up and down, consider increasing this value. Allowed values are 1-2400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 4. format: int64 maximum: 2400 minimum: 1 title: |- Receive timeout type: integer send_interval: default: 10 description: | Frequency, in seconds, that monitors are sent to a server. Allowed values are 1-3600. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10. format: int64 maximum: 3600 minimum: 1 title: |- Send interval type: integer sip_monitor: $ref: '#/definitions/ALBHealthMonitorSIP' smtp_monitor: $ref: '#/definitions/ALBHealthMonitorSmtp' smtps_monitor: $ref: '#/definitions/ALBHealthMonitorSmtp' successful_checks: default: 2 description: | Number of continuous successful health checks before server is marked up. Allowed values are 1-50. Default value when not specified in API or module is interpreted by ALB Controller as 2. format: int64 maximum: 50 minimum: 1 title: |- Successful checks type: integer tcp_monitor: $ref: '#/definitions/ALBHealthMonitorTcp' type: description: | Type of the health monitor. Enum options - HEALTH_MONITOR_PING, HEALTH_MONITOR_TCP, HEALTH_MONITOR_HTTP, HEALTH_MONITOR_HTTPS, HEALTH_MONITOR_EXTERNAL, HEALTH_MONITOR_UDP, HEALTH_MONITOR_DNS, HEALTH_MONITOR_GSLB, HEALTH_MONITOR_SIP, HEALTH_MONITOR_RADIUS, HEALTH_MONITOR_SMTP, HEALTH_MONITOR_SMTPS, HEALTH_MONITOR_POP3, HEALTH_MONITOR_POP3S, HEALTH_MONITOR_IMAP, HEALTH_MONITOR_IMAPS. Allowed in Basic(Allowed values- HEALTH_MONITOR_PING,HEALTH_MONITOR_TCP,HEALTH_MONITOR_UDP,HEALTH_MONITOR_HTTP,HEALTH_MONITOR_HTTPS) edition, Essentials(Allowed values- HEALTH_MONITOR_PING,HEALTH_MONITOR_TCP,HEALTH_MONITOR_UDP) edition, Enterprise edition. enum: - HEALTH_MONITOR_PING - HEALTH_MONITOR_TCP - HEALTH_MONITOR_HTTP - HEALTH_MONITOR_HTTPS - HEALTH_MONITOR_EXTERNAL - HEALTH_MONITOR_UDP - HEALTH_MONITOR_DNS - HEALTH_MONITOR_GSLB - HEALTH_MONITOR_SIP - HEALTH_MONITOR_RADIUS - HEALTH_MONITOR_SMTP - HEALTH_MONITOR_SMTPS - HEALTH_MONITOR_POP3 - HEALTH_MONITOR_POP3S - HEALTH_MONITOR_IMAP - HEALTH_MONITOR_IMAPS type: string udp_monitor: $ref: '#/definitions/ALBHealthMonitorUdp' required: - type type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer HealthMonitor object title: |- HealthMonitor x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of HealthMonitor items: $ref: '#/definitions/ALBHealthMonitor' title: |- Array of HealthMonitor type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | HealthMonitorApiResponse title: |- HealthMonitorApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorAuthInfo: description: |- Advanced load balancer HealthMonitorAuthInfo object properties: password: description: |- Password for server authentication. title: |- Password type: string username: description: |- Username for server authentication. title: |- Username type: string title: |- HealthMonitorAuthInfo type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorDNS: description: |- Advanced load balancer HealthMonitorDNS object properties: qtype: default: DNS_QUERY_TYPE description: "Query_Type Response has atleast one answer of which \n\ the resource record type matches the query type Any_Type \nResponse should\ \ contain atleast one answer AnyThing An\nempty answer is enough.\nEnum\ \ options - DNS_QUERY_TYPE, DNS_ANY_TYPE, DNS_ANY_THING.\nDefault value\ \ when not specified in API or module is\ninterpreted by ALB Controller\ \ as DNS_QUERY_TYPE.\n" enum: - DNS_QUERY_TYPE - DNS_ANY_TYPE - DNS_ANY_THING type: string query_name: description: | The DNS monitor will query the DNS server for the fully qualified name in this field. title: |- Query name type: string rcode: default: RCODE_NO_ERROR description: | When No Error is selected, a DNS query will be marked failed is any error code is returned by the server. With Any selected, the monitor ignores error code in the responses. Enum options - RCODE_NO_ERROR, RCODE_ANYTHING. Default value when not specified in API or module is interpreted by ALB Controller as RCODE_NO_ERROR. enum: - RCODE_NO_ERROR - RCODE_ANYTHING type: string record_type: default: DNS_RECORD_A description: | Resource record type used in the healthmonitor DNS query, only A or AAAA type supported. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_A. enum: - DNS_RECORD_OTHER - DNS_RECORD_A - DNS_RECORD_NS - DNS_RECORD_CNAME - DNS_RECORD_SOA - DNS_RECORD_PTR - DNS_RECORD_HINFO - DNS_RECORD_MX - DNS_RECORD_TXT - DNS_RECORD_RP - DNS_RECORD_DNSKEY - DNS_RECORD_AAAA - DNS_RECORD_SRV - DNS_RECORD_OPT - DNS_RECORD_RRSIG - DNS_RECORD_AXFR - DNS_RECORD_ANY type: string response_string: description: | The resource record of the queried DNS server's response for the Request Name must include the IP address defined in this field. title: |- Response string type: string required: - query_name title: |- HealthMonitorDNS type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorExternal: description: |- Advanced load balancer HealthMonitorExternal object properties: command_code: description: |- Command script provided inline. title: |- Command code type: string command_parameters: description: |- Optional arguments to feed into the script. title: |- Command parameters type: string command_path: description: |- Path of external health monitor script. title: |- Command path type: string command_variables: description: |- Environment variables to be fed into the script. title: |- Command variables type: string required: - command_code title: |- HealthMonitorExternal type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorHttp: description: |- Advanced load balancer HealthMonitorHttp object properties: auth_type: description: | Type of the authentication method. Enum options - AUTH_BASIC, AUTH_NTLM. Allowed in Basic edition, Essentials edition, Enterprise edition. enum: - AUTH_BASIC - AUTH_NTLM type: string exact_http_request: default: false description: | Use the exact http_request string as specified by user, without any automatic insert of headers like Host header. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Exact http request type: boolean http_request: default: GET / HTTP/1.0 description: | Send an HTTP request to the server. The default GET / HTTP/1.0 may be extended with additional headers or information. For instance, GET /index.htm HTTP/1.1 Host www.site.com Connection Close. Default value when not specified in API or module is interpreted by ALB Controller as GET / HTTP/1.0. title: |- Http request type: string http_request_body: description: |- HTTP request body. title: |- Http request body type: string http_response: description: | Match for a keyword in the first 2Kb of the server header and body response. title: |- Http response type: string http_response_code: description: | List of HTTP response codes to match as successful. Default is 2xx. Enum options - HTTP_ANY, HTTP_1XX, HTTP_2XX, HTTP_3XX, HTTP_4XX, HTTP_5XX. Minimum of 1 items required. items: description: |- Valid ENUM values for ALBHttpResponseCode enum: - HTTP_ANY - HTTP_1XX - HTTP_2XX - HTTP_3XX - HTTP_4XX - HTTP_5XX type: string title: |- Http response code type: array maintenance_code: description: | Match or look for this HTTP response code indicating server maintenance. A successful match results in the server being marked down. Allowed values are 101-599. Maximum of 4 items allowed. items: format: int64 type: integer title: |- Maintenance code type: array maintenance_response: description: | Match or look for this keyword in the first 2KB of server header and body response indicating server maintenance. A successful match results in the server being marked down. title: |- Maintenance response type: string response_size: description: | Expected http/https response page size. Allowed values are 2048-16384. format: int64 maximum: 16384 minimum: 2048 title: |- Response size type: integer ssl_attributes: $ref: '#/definitions/ALBHealthMonitorSSLAttributes' required: - http_response_code title: |- HealthMonitorHttp type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorImap: description: |- Advanced load balancer HealthMonitorImap object properties: folder: description: |- Folder to access. title: |- Folder type: string ssl_attributes: $ref: '#/definitions/ALBHealthMonitorSSLAttributes' title: |- HealthMonitorImap type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorPop3: description: |- Advanced load balancer HealthMonitorPop3 object properties: ssl_attributes: $ref: '#/definitions/ALBHealthMonitorSSLAttributes' title: |- HealthMonitorPop3 type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorRadius: description: |- Advanced load balancer HealthMonitorRadius object properties: password: description: |- Radius monitor will query Radius server with this password. title: |- Password type: string shared_secret: description: | Radius monitor will query Radius server with this shared secret. title: |- Shared secret type: string username: description: |- Radius monitor will query Radius server with this username. title: |- Username type: string required: - username title: |- HealthMonitorRadius type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorSIP: description: |- Advanced load balancer HealthMonitorSIP object properties: sip_monitor_transport: default: SIP_UDP_PROTO description: | Specify the transport protocol TCP or UDP, to be used for SIP health monitor. The default transport is UDP. Enum options - SIP_UDP_PROTO, SIP_TCP_PROTO. Default value when not specified in API or module is interpreted by ALB Controller as SIP_UDP_PROTO. enum: - SIP_UDP_PROTO - SIP_TCP_PROTO type: string sip_request_code: default: SIP_OPTIONS description: | Specify the SIP request to be sent to the server. By default, SIP OPTIONS request will be sent. Enum options - SIP_OPTIONS. Default value when not specified in API or module is interpreted by ALB Controller as SIP_OPTIONS. enum: - SIP_OPTIONS type: string sip_response: default: SIP/2.0 description: | Match for a keyword in the first 2KB of the server header and body response. By default, it matches for SIP/2.0. Default value when not specified in API or module is interpreted by ALB Controller as SIP/2.0. title: |- Sip response type: string title: |- HealthMonitorSIP type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorSSLAttributes: description: |- Advanced load balancer HealthMonitorSSLAttributes object properties: pki_profile_path: description: | PKI profile used to validate the SSL certificate presented by a server. It is a reference to an object of type PKIProfile. title: |- Pki profile path type: string server_name: description: | Fully qualified DNS hostname which will be used in the TLS SNI extension in server connections indicating SNI is enabled. title: |- Server name type: string ssl_key_and_certificate_path: description: | Service engines will present this SSL certificate to the server. It is a reference to an object of type SSLKeyAndCertificate. title: |- Ssl key and certificate path type: string ssl_profile_path: description: | SSL profile defines ciphers and SSL versions to be used for healthmonitor traffic to the back-end servers. It is a reference to an object of type SSLProfile. title: |- Ssl profile path type: string required: - ssl_profile_path title: |- HealthMonitorSSLAttributes type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorSmtp: description: |- Advanced load balancer HealthMonitorSmtp object properties: domainname: description: |- Sender domain name. title: |- Domainname type: string mail_data: description: |- Mail data. title: |- Mail data type: string recipients_ids: description: |- Mail recipients. items: type: string title: |- Recipients ids type: array sender_id: description: |- Mail sender. title: |- Sender id type: string ssl_attributes: $ref: '#/definitions/ALBHealthMonitorSSLAttributes' title: |- HealthMonitorSmtp type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorTcp: description: |- Advanced load balancer HealthMonitorTcp object properties: maintenance_response: description: | Match or look for this keyword in the first 2KB of server's response indicating server maintenance. A successful match results in the server being marked down. title: |- Maintenance response type: string tcp_half_open: default: false description: | Configure TCP health monitor to use half-open TCP connections to monitor the health of backend servers thereby avoiding consumption of a full fledged server side connection and the overhead and logs associated with it. This method is light-weight as it makes use of listener in server's kernel layer to measure the health and a child socket or user thread is not created on the server side. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Tcp half open type: boolean tcp_request: description: |- Request data to send after completing the TCP handshake. title: |- Tcp request type: string tcp_response: description: | Match for the desired keyword in the first 2Kb of the server's TCP response. If this field is left blank, no server response is required. title: |- Tcp response type: string title: |- HealthMonitorTcp type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHealthMonitorUdp: description: |- Advanced load balancer HealthMonitorUdp object properties: maintenance_response: description: | Match or look for this keyword in the first 2KB of server's response indicating server maintenance. A successful match results in the server being marked down. title: |- Maintenance response type: string udp_request: description: |- Send UDP request. title: |- Udp request type: string udp_response: description: |- Match for keyword in the UDP response. title: |- Udp response type: string title: |- HealthMonitorUdp type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHostHdrMatch: description: |- Advanced load balancer HostHdrMatch object properties: match_case: default: INSENSITIVE description: | Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. enum: - SENSITIVE - INSENSITIVE type: string match_criteria: description: | Criterion to use for the host header value match. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. enum: - HDR_EXISTS - HDR_DOES_NOT_EXIST - HDR_BEGINS_WITH - HDR_DOES_NOT_BEGIN_WITH - HDR_CONTAINS - HDR_DOES_NOT_CONTAIN - HDR_ENDS_WITH - HDR_DOES_NOT_END_WITH - HDR_EQUALS - HDR_DOES_NOT_EQUAL type: string value: description: |- String value(s) in the host header. items: type: string title: |- Value type: array required: - match_criteria title: |- HostHdrMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHttpCacheConfig: description: |- Advanced load balancer HttpCacheConfig object properties: age_header: default: true description: | Add an Age header to content served from cache, which indicates to the client the number of seconds the object has been in the cache. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Age header type: boolean aggressive: default: false description: | Enable/disable caching objects without Cache-Control headers. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Aggressive type: boolean date_header: default: true description: | If a Date header was not added by the server, add a Date header to the object served from cache. This indicates to the client when the object was originally sent by the server to the cache. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Date header type: boolean default_expire: default: 600 description: | Default expiration time of cache objects received from the server without a Cache-Control expiration header. This value may be overwritten by the Heuristic Expire setting. Default value when not specified in API or module is interpreted by ALB Controller as 600. format: int64 title: |- Default expire type: integer enabled: default: false description: | Enable/disable HTTP object caching.When enabling caching for the first time, SE Group app_cache_percent must be set to allocate shared memory required for caching (A service engine restart is needed after setting/resetting the SE group value). Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enabled type: boolean heuristic_expire: default: false description: | If a response object from the server does not include the Cache-Control header, but does include a Last-Modified header, the system will use this time to calculate the Cache-Control expiration. If unable to solicit an Last-Modified header, then the system will fall back to the Cache Expire Time value. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Heuristic expire type: boolean ignore_request_cache_control: default: false description: | Ignore client's cache control headers when fetching or storing from and to the cache. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Ignore request cache control type: boolean max_cache_size: default: 0 description: | Max size, in bytes, of the cache. The default, zero, indicates auto configuration. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Max cache size type: integer max_object_size: default: 4194304 description: | Maximum size of an object to store in the cache. Default value when not specified in API or module is interpreted by ALB Controller as 4194304. format: int64 title: |- Max object size type: integer mime_types_block_group_paths: description: | Blocklist string group of non-cacheable mime types. It is a reference to an object of type StringGroup. items: type: string title: |- Mime types block group paths type: array mime_types_block_lists: description: |- Blocklist of non-cacheable mime types. items: type: string title: |- Mime types block lists type: array mime_types_group_paths: description: | Allowlist string group of cacheable mime types. If both Cacheable Mime Types string list and string group are empty, this defaults to (STAR)/(STAR). It is a reference to an object of type StringGroup. items: type: string title: |- Mime types group paths type: array mime_types_list: description: | Allowlist of cacheable mime types. If both Cacheable Mime Types string list and string group are empty, this defaults to (STAR)/(STAR). items: type: string title: |- Mime types list type: array min_object_size: default: 100 description: | Minimum size of an object to store in the cache. Default value when not specified in API or module is interpreted by ALB Controller as 100. format: int64 title: |- Min object size type: integer query_cacheable: default: false description: | Allow caching of objects whose URI included a query argument. When disabled, these objects are not cached. When enabled, the request must match the URI query to be considered a hit. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Query cacheable type: boolean uri_non_cacheable: $ref: '#/definitions/ALBPathMatch' xcache_header: default: true description: | Add an X-Cache header to content served from cache, which indicates to the client that the object was served from an intermediate cache. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Xcache header type: boolean title: |- HttpCacheConfig type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHttpCookiePersistenceKey: description: |- Advanced load balancer HttpCookiePersistenceKey object properties: aes_key: description: |- aes_key of HttpCookiePersistenceKey. title: |- Aes key type: string hmac_key: description: |- hmac_key of HttpCookiePersistenceKey. title: |- Hmac key type: string name: description: |- name to use for cookie encryption. title: |- Name type: string title: |- HttpCookiePersistenceKey type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBHttpCookiePersistenceProfile: description: |- Advanced load balancer HttpCookiePersistenceProfile object properties: always_send_cookie: default: false description: | If no persistence cookie was received from the client, always send it. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Always send cookie type: boolean cookie_name: description: |- HTTP cookie name for cookie persistence. title: |- Cookie name type: string encryption_key: description: |- Key name to use for cookie encryption. title: |- Encryption key type: string key: description: | Placeholder for description of property key of obj type HttpCookiePersistenceProfile field type str type array. items: $ref: '#/definitions/ALBHttpCookiePersistenceKey' title: |- Key type: array timeout: description: | The maximum lifetime of any session cookie. No value or 'zero' indicates no timeout. Allowed values are 1-14400. Special values are 0- 'No Timeout'. Unit is MIN. format: int64 maximum: 14400 minimum: 0 title: |- Timeout type: integer title: |- HttpCookiePersistenceProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBIPNetworkSubnet: description: |- Advanced load balancer IPNetworkSubnet object properties: network_name: description: | Network for VirtualService IP allocation with Vantage as the IPAM provider. Network should be created before this is configured. It is a reference to an object of type Network. title: |- Network name type: string subnet: $ref: '#/definitions/ALBIpAddrPrefix' subnet6: $ref: '#/definitions/ALBIpAddrPrefix' subnet6_uuid: description: | Subnet UUID or Name or Prefix for VirtualService IPv6 allocation with AWS or OpenStack as the IPAM provider. Only one of subnet or subnet_uuid configuration is allowed. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Subnet6 uuid type: string subnet_uuid: description: | Subnet UUID or Name or Prefix for VirtualService IP allocation with AWS or OpenStack as the IPAM provider. Only one of subnet or subnet_uuid configuration is allowed. title: |- Subnet uuid type: string title: |- IPNetworkSubnet type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBIPPersistenceProfile: description: |- Advanced load balancer IPPersistenceProfile object properties: ip_mask: description: | Mask to be applied on client IP. This may be used to persist clients from a subnet to the same server. When set to 0, all requests are sent to the same server. Allowed values are 0-128. Allowed in Basic edition, Essentials edition, Enterprise edition. format: int64 maximum: 128 minimum: 0 title: |- Ip mask type: integer ip_persistent_timeout: default: 5 description: | The length of time after a client's connections have closed before expiring the client's persistence to a server. Allowed values are 1-720. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 5. format: int64 maximum: 720 minimum: 1 title: |- Ip persistent timeout type: integer title: |- IPPersistenceProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBIpAddr: description: |- Advanced load balancer IpAddr object properties: addr: description: |- IP address. title: |- Addr type: string type: description: |- Enum options - V4, DNS, V6. enum: - V4 - DNS - V6 type: string required: - type - addr title: |- IpAddr type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBIpAddrGroup: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: addrs: description: |- Configure IP address(es). items: $ref: '#/definitions/ALBIpAddr' title: |- Addrs type: array apic_epg_name: description: |- Populate IP addresses from members of this Cisco APIC EPG. title: |- Apic epg name type: string country_codes: description: | Populate the IP address ranges from the geo database for this country. items: type: string title: |- Country codes type: array ip_ports: description: |- Configure (IP address, port) tuple(s). items: $ref: '#/definitions/ALBIpAddrPort' title: |- Ip ports type: array marathon_app_name: description: |- Populate IP addresses from tasks of this Marathon app. title: |- Marathon app name type: string marathon_service_port: description: | Task port associated with marathon service port. If Marathon app has multiple service ports, this is required. Else, the first task port is used. format: int64 title: |- Marathon service port type: integer markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array prefixes: description: |- Configure IP address prefix(es). items: $ref: '#/definitions/ALBIpAddrPrefix' title: |- Prefixes type: array ranges: description: |- Configure IP address range(s). items: $ref: '#/definitions/ALBIpAddrRange' title: |- Ranges type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer IpAddrGroup object title: |- IpAddrGroup x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBIpAddrGroupApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of IpAddrGroup items: $ref: '#/definitions/ALBIpAddrGroup' title: |- Array of IpAddrGroup type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | IpAddrGroupApiResponse title: |- IpAddrGroupApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBIpAddrMatch: description: |- Advanced load balancer IpAddrMatch object properties: addrs: description: |- IP address(es). items: $ref: '#/definitions/ALBIpAddr' title: |- Addrs type: array group_paths: description: | path of IP address group(s). It is a reference to an object of type IpAddrGroup. items: type: string title: |- Group paths type: array match_criteria: description: | Criterion to use for IP address matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string prefixes: description: |- IP address prefix(es). items: $ref: '#/definitions/ALBIpAddrPrefix' title: |- Prefixes type: array ranges: description: |- IP address range(s). items: $ref: '#/definitions/ALBIpAddrRange' title: |- Ranges type: array required: - match_criteria title: |- IpAddrMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBIpAddrPort: description: |- Advanced load balancer IpAddrPort object properties: hostname: description: | Hostname of server. One of IP address or hostname should be set. title: |- Hostname type: string ip: $ref: '#/definitions/ALBIpAddr' name: description: |- Name of the object. title: |- Name type: string port: description: | Port number of server. Allowed values are 1-65535. format: int64 maximum: 65535 minimum: 1 title: |- Port type: integer required: - port title: |- IpAddrPort type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBIpAddrPrefix: description: |- Advanced load balancer IpAddrPrefix object properties: ip_addr: $ref: '#/definitions/ALBIpAddr' mask: description: |- Number of mask. format: int64 title: |- Mask type: integer required: - mask - ip_addr title: |- IpAddrPrefix type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBIpAddrRange: description: |- Advanced load balancer IpAddrRange object properties: begin: $ref: '#/definitions/ALBIpAddr' end: $ref: '#/definitions/ALBIpAddr' required: - begin - end title: |- IpAddrRange type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBKeyValue: description: |- Advanced load balancer KeyValue object properties: key: description: |- Key. title: |- Key type: string value: description: |- Value. title: |- Value type: string required: - key title: |- KeyValue type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBL4ConnectionPolicy: description: |- Advanced load balancer L4ConnectionPolicy object properties: rules: description: |- Rules to apply when a new transport connection is setup. items: $ref: '#/definitions/ALBL4Rule' title: |- Rules type: array title: |- L4ConnectionPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBL4Policies: description: |- Advanced load balancer L4Policies object properties: index: description: |- Index of the virtual service L4 policy set. format: int64 title: |- Index type: integer l4_policy_set_path: description: | ID of the virtual service L4 policy set. It is a reference to an object of type L4PolicySet. title: |- L4 policy set path type: string required: - l4_policy_set_path - index title: |- L4Policies type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBL4PolicySet: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: created_by: description: |- Creator name. title: |- Created by type: string is_internal_policy: default: false description: | Placeholder for description of property is_internal_policy of obj type L4PolicySet field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is internal policy type: boolean l4_connection_policy: $ref: '#/definitions/ALBL4ConnectionPolicy' markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer L4PolicySet object title: |- L4PolicySet x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBL4PolicySetApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of L4PolicySet items: $ref: '#/definitions/ALBL4PolicySet' title: |- Array of L4PolicySet type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | L4PolicySetApiResponse title: |- L4PolicySetApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBL4Rule: description: |- Advanced load balancer L4Rule object properties: action: $ref: '#/definitions/ALBL4RuleAction' enable: default: true description: | Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean index: description: |- Index of the rule. format: int64 title: |- Index type: integer match: $ref: '#/definitions/ALBL4RuleMatchTarget' name: description: |- Name of the rule. title: |- Name type: string required: - index - name title: |- L4Rule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBL4RuleAction: description: |- Advanced load balancer L4RuleAction object properties: select_pool: $ref: '#/definitions/ALBL4RuleActionSelectPool' title: |- L4RuleAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBL4RuleActionSelectPool: description: |- Advanced load balancer L4RuleActionSelectPool object properties: action_type: description: | Indicates action to take on rule match. Enum options - L4_RULE_ACTION_SELECT_POOL, L4_RULE_ACTION_SELECT_POOLGROUP. Allowed in Basic(Allowed values- L4_RULE_ACTION_SELECT_POOL) edition, Essentials(Allowed values- L4_RULE_ACTION_SELECT_POOL) edition, Enterprise edition. enum: - L4_RULE_ACTION_SELECT_POOL - L4_RULE_ACTION_SELECT_POOLGROUP type: string pool_group_path: description: | ID of the pool group to serve the request. It is a reference to an object of type PoolGroup. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Pool group path type: string pool_path: description: | ID of the pool of servers to serve the request. It is a reference to an object of type Pool. title: |- Pool path type: string required: - action_type title: |- L4RuleActionSelectPool type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBL4RuleMatchTarget: description: |- Advanced load balancer L4RuleMatchTarget object properties: client_ip: $ref: '#/definitions/ALBIpAddrMatch' port: $ref: '#/definitions/ALBL4RulePortMatch' protocol: $ref: '#/definitions/ALBL4RuleProtocolMatch' title: |- L4RuleMatchTarget type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBL4RulePortMatch: description: |- Advanced load balancer L4RulePortMatch object properties: match_criteria: description: | Criterion to use for Virtual Service port matching. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string port_ranges: description: |- Range of TCP/UDP port numbers of the Virtual Service. items: $ref: '#/definitions/ALBPortRange' title: |- Port ranges type: array ports: description: | Virtual Service's listening port(s). Allowed values are 1-65535. items: format: int64 type: integer title: |- Ports type: array required: - match_criteria title: |- L4RulePortMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBL4RuleProtocolMatch: description: |- Advanced load balancer L4RuleProtocolMatch object properties: match_criteria: description: | Criterion to use for transport protocol matching. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string protocol: description: | Transport protocol to match. Enum options - PROTOCOL_ICMP, PROTOCOL_TCP, PROTOCOL_UDP. enum: - PROTOCOL_ICMP - PROTOCOL_TCP - PROTOCOL_UDP type: string required: - protocol - match_criteria title: |- L4RuleProtocolMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBLdapAuthSettings: description: |- Advanced load balancer LdapAuthSettings object properties: base_dn: description: | The LDAP base DN. For example, avinetworks.com would be DC=avinetworks,DC=com. title: |- Base dn type: string bind_as_administrator: default: true description: | LDAP administrator credentials are used to search for users and group memberships. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Bind as administrator type: boolean email_attribute: default: email description: | LDAP attribute that refers to user email. Default value when not specified in API or module is interpreted by ALB Controller as email. title: |- Email attribute type: string full_name_attribute: default: name description: | LDAP attribute that refers to user's full name. Default value when not specified in API or module is interpreted by ALB Controller as name. title: |- Full name attribute type: string port: default: 389 description: | Query the LDAP servers on this port. Default value when not specified in API or module is interpreted by ALB Controller as 389. format: int64 title: |- Port type: integer security_mode: description: | LDAP connection security mode. Enum options - AUTH_LDAP_SECURE_NONE, AUTH_LDAP_SECURE_USE_LDAPS. enum: - AUTH_LDAP_SECURE_NONE - AUTH_LDAP_SECURE_USE_LDAPS type: string server: description: | LDAP server IP address or Hostname. Use IP address if an auth profile is used to configure Virtual Service. Minimum of 1 items required. items: type: string title: |- Server type: array settings: $ref: '#/definitions/ALBLdapDirectorySettings' user_bind: $ref: '#/definitions/ALBLdapUserBindSettings' required: - server title: |- LdapAuthSettings type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBLdapDirectorySettings: description: |- Advanced load balancer LdapDirectorySettings object properties: admin_bind_dn: description: | LDAP Admin User DN. Administrator credentials are required to search for users under user search DN or groups under group search DN. title: |- Admin bind dn type: string group_filter: default: (objectClass=*) description: | Group filter is used to identify groups during search. Default value when not specified in API or module is interpreted by ALB Controller as (objectClass=(STAR)). title: |- Group filter type: string group_member_attribute: default: member description: | LDAP group attribute that identifies each of the group members. Default value when not specified in API or module is interpreted by ALB Controller as member. title: |- Group member attribute type: string group_member_is_full_dn: default: true description: | Group member entries contain full DNs instead of just user id attribute values. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Group member is full dn type: boolean group_search_dn: description: | LDAP group search DN is the root of search for a given group in the LDAP directory. Only matching groups present in this LDAP directory sub-tree will be checked for user membership. title: |- Group search dn type: string group_search_scope: default: AUTH_LDAP_SCOPE_SUBTREE description: | LDAP group search scope defines how deep to search for the group starting from the group search DN. Enum options - AUTH_LDAP_SCOPE_BASE, AUTH_LDAP_SCOPE_ONE, AUTH_LDAP_SCOPE_SUBTREE. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_LDAP_SCOPE_SUBTREE. enum: - AUTH_LDAP_SCOPE_BASE - AUTH_LDAP_SCOPE_ONE - AUTH_LDAP_SCOPE_SUBTREE type: string ignore_referrals: default: false description: | During user or group search, ignore searching referrals. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Ignore referrals type: boolean password: description: |- LDAP Admin User Password. title: |- Password type: string user_attributes: description: |- LDAP user attributes to fetch on a successful user bind. items: type: string title: |- User attributes type: array user_id_attribute: description: | LDAP user id attribute is the login attribute that uniquely identifies a single user record. title: |- User id attribute type: string user_search_dn: description: | LDAP user search DN is the root of search for a given user in the LDAP directory. Only user records present in this LDAP directory sub-tree will be validated. title: |- User search dn type: string user_search_scope: default: AUTH_LDAP_SCOPE_ONE description: | LDAP user search scope defines how deep to search for the user starting from user search DN. Enum options - AUTH_LDAP_SCOPE_BASE, AUTH_LDAP_SCOPE_ONE, AUTH_LDAP_SCOPE_SUBTREE. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_LDAP_SCOPE_ONE. enum: - AUTH_LDAP_SCOPE_BASE - AUTH_LDAP_SCOPE_ONE - AUTH_LDAP_SCOPE_SUBTREE type: string title: |- LdapDirectorySettings type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBLdapUserBindSettings: description: |- Advanced load balancer LdapUserBindSettings object properties: dn_template: description: | LDAP user DN pattern is used to bind LDAP user after replacing the user token with real username. title: |- Dn template type: string token: default: description: | LDAP token is replaced with real user name in the user DN pattern. Default value when not specified in API or module is interpreted by ALB Controller as . title: |- Token type: string user_attributes: description: |- LDAP user attributes to fetch on a successful user bind. items: type: string title: |- User attributes type: array user_id_attribute: description: | LDAP user id attribute is the login attribute that uniquely identifies a single user record. title: |- User id attribute type: string title: |- LdapUserBindSettings type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBLocationHdrMatch: description: |- Advanced load balancer LocationHdrMatch object properties: match_case: default: INSENSITIVE description: | Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. enum: - SENSITIVE - INSENSITIVE type: string match_criteria: description: | Criterion to use for matching location header value in the HTTP response. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL. enum: - HDR_EXISTS - HDR_DOES_NOT_EXIST - HDR_BEGINS_WITH - HDR_DOES_NOT_BEGIN_WITH - HDR_CONTAINS - HDR_DOES_NOT_CONTAIN - HDR_ENDS_WITH - HDR_DOES_NOT_END_WITH - HDR_EQUALS - HDR_DOES_NOT_EQUAL type: string value: description: |- String value(s) in the location header. items: type: string title: |- Value type: array required: - match_criteria title: |- LocationHdrMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBMatchReplacePair: description: |- Advanced load balancer MatchReplacePair object properties: match_string: description: |- String to be matched. title: |- Match string type: string replacement_string: $ref: '#/definitions/ALBReplaceStringVar' required: - match_string title: |- MatchReplacePair type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBMatchTarget: description: |- Advanced load balancer MatchTarget object properties: client_ip: $ref: '#/definitions/ALBIpAddrMatch' cookie: $ref: '#/definitions/ALBCookieMatch' hdrs: description: |- Configure HTTP header(s). items: $ref: '#/definitions/ALBHdrMatch' title: |- Hdrs type: array host_hdr: $ref: '#/definitions/ALBHostHdrMatch' method: $ref: '#/definitions/ALBMethodMatch' path: $ref: '#/definitions/ALBPathMatch' protocol: $ref: '#/definitions/ALBProtocolMatch' query: $ref: '#/definitions/ALBQueryMatch' version: $ref: '#/definitions/ALBHTTPVersionMatch' vs_port: $ref: '#/definitions/ALBPortMatch' title: |- MatchTarget type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBMethodMatch: description: |- Advanced load balancer MethodMatch object properties: match_criteria: description: | Criterion to use for HTTP method matching the method in the HTTP request. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string methods: description: | Configure HTTP method(s). Enum options - HTTP_METHOD_GET, HTTP_METHOD_HEAD, HTTP_METHOD_PUT, HTTP_METHOD_DELETE, HTTP_METHOD_POST, HTTP_METHOD_OPTIONS, HTTP_METHOD_TRACE, HTTP_METHOD_CONNECT, HTTP_METHOD_PATCH, HTTP_METHOD_PROPFIND, HTTP_METHOD_PROPPATCH, HTTP_METHOD_MKCOL, HTTP_METHOD_COPY, HTTP_METHOD_MOVE, HTTP_METHOD_LOCK, HTTP_METHOD_UNLOCK. Minimum of 1 items required. Maximum of 16 items allowed. Allowed in Basic(Allowed values- HTTP_METHOD_GET,HTTP_METHOD_PUT,HTTP_METHOD_POST,HTTP_METHOD_HEAD,HTTP_METHOD_OPTIONS) edition, Essentials(Allowed values- HTTP_METHOD_GET,HTTP_METHOD_PUT,HTTP_METHOD_POST,HTTP_METHOD_HEAD,HTTP_METHOD_OPTIONS) edition, Enterprise edition. items: description: |- Valid ENUM values for ALBHTTPMethod enum: - HTTP_METHOD_GET - HTTP_METHOD_HEAD - HTTP_METHOD_PUT - HTTP_METHOD_DELETE - HTTP_METHOD_POST - HTTP_METHOD_OPTIONS - HTTP_METHOD_TRACE - HTTP_METHOD_CONNECT - HTTP_METHOD_PATCH - HTTP_METHOD_PROPFIND - HTTP_METHOD_PROPPATCH - HTTP_METHOD_MKCOL - HTTP_METHOD_COPY - HTTP_METHOD_MOVE - HTTP_METHOD_LOCK - HTTP_METHOD_UNLOCK type: string title: |- Methods type: array required: - methods - match_criteria title: |- MethodMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBMetricsRealTimeUpdate: description: |- Advanced load balancer MetricsRealTimeUpdate object properties: duration: default: 30 description: | Real time metrics collection duration in minutes. 0 for infinite. Special values are 0 - 'infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30. format: int64 title: |- Duration type: integer enabled: default: false description: | Enables real time metrics collection. When deactivated, 6 hour view is the most granular the system will track. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enabled type: boolean required: - enabled title: |- MetricsRealTimeUpdate type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBMicroServiceMatch: description: |- Advanced load balancer MicroServiceMatch object properties: match_criteria: description: | Criterion to use for Micro Service matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string required: - match_criteria title: |- MicroServiceMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBNetworkFilter: description: |- Advanced load balancer NetworkFilter object properties: server_filter: description: |- server_filter of NetworkFilter. title: |- Server filter type: string title: |- NetworkFilter type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBNetworkProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: connection_mirror: default: false description: | When enabled, Avi mirrors all TCP fastpath connections to standby. Applicable only in Legacy HA Mode. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Connection mirror type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array profile: $ref: '#/definitions/ALBNetworkProfileUnion' required: - profile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer NetworkProfile object title: |- NetworkProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBNetworkProfileApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of NetworkProfile items: $ref: '#/definitions/ALBNetworkProfile' title: |- Array of NetworkProfile type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | NetworkProfileApiResponse title: |- NetworkProfileApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBNetworkProfileUnion: description: |- Advanced load balancer NetworkProfileUnion object properties: tcp_fast_path_profile: $ref: '#/definitions/ALBTCPFastPathProfile' tcp_proxy_profile: $ref: '#/definitions/ALBTCPProxyProfile' type: default: PROTOCOL_TYPE_TCP_PROXY description: | Configure one of either proxy or fast path profiles. Enum options - PROTOCOL_TYPE_TCP_PROXY, PROTOCOL_TYPE_TCP_FAST_PATH, PROTOCOL_TYPE_UDP_FAST_PATH, PROTOCOL_TYPE_UDP_PROXY. Allowed in Basic(Allowed values- PROTOCOL_TYPE_TCP_PROXY,PROTOCOL_TYPE_TCP_FAST_PATH,PROTOCOL_TYPE_UDP_FAST_PATH) edition, Essentials(Allowed values- PROTOCOL_TYPE_TCP_FAST_PATH,PROTOCOL_TYPE_UDP_FAST_PATH) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as PROTOCOL_TYPE_TCP_PROXY. enum: - PROTOCOL_TYPE_TCP_PROXY - PROTOCOL_TYPE_TCP_FAST_PATH - PROTOCOL_TYPE_UDP_FAST_PATH - PROTOCOL_TYPE_UDP_PROXY type: string udp_fast_path_profile: $ref: '#/definitions/ALBUDPFastPathProfile' udp_proxy_profile: $ref: '#/definitions/ALBUDPProxyProfile' required: - type title: |- NetworkProfileUnion type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBNetworkSecurityMatchTarget: description: |- Advanced load balancer NetworkSecurityMatchTarget object properties: client_ip: $ref: '#/definitions/ALBIpAddrMatch' microservice: $ref: '#/definitions/ALBMicroServiceMatch' vs_port: $ref: '#/definitions/ALBPortMatch' title: |- NetworkSecurityMatchTarget type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBNetworkSecurityPolicy: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cloud_config_cksum: description: | Checksum of cloud configuration for Network Sec Policy. Internally set by cloud connector. title: |- Cloud config cksum type: string created_by: description: |- Creator name. title: |- Created by type: string markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array rules: description: | Placeholder for description of property rules of obj type NetworkSecurityPolicy field type str type array. items: $ref: '#/definitions/ALBNetworkSecurityRule' title: |- Rules type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer NetworkSecurityPolicy object title: |- NetworkSecurityPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBNetworkSecurityPolicyActionRLParam: description: |- Advanced load balancer NetworkSecurityPolicyActionRLParam object properties: burst_size: default: 0 description: | Maximum number of connections or requests or packets to be rate limited instantaneously. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Burst size type: integer max_rate: description: | Maximum number of connections or requests or packets per second. Allowed values are 1-4294967295. format: int64 maximum: 4294967295 minimum: 1 title: |- Max rate type: integer required: - max_rate - burst_size title: |- NetworkSecurityPolicyActionRLParam type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBNetworkSecurityPolicyApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of NetworkSecurityPolicy items: $ref: '#/definitions/ALBNetworkSecurityPolicy' title: |- Array of NetworkSecurityPolicy type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | NetworkSecurityPolicyApiResponse title: |- NetworkSecurityPolicyApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBNetworkSecurityRule: description: |- Advanced load balancer NetworkSecurityRule object properties: action: description: | Enum options - NETWORK_SECURITY_POLICY_ACTION_TYPE_ALLOW, NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY, NETWORK_SECURITY_POLICY_ACTION_TYPE_RATE_LIMIT. Allowed in Basic(Allowed values- NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY) edition, Essentials(Allowed values- NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY) edition, Enterprise edition. enum: - NETWORK_SECURITY_POLICY_ACTION_TYPE_ALLOW - NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY - NETWORK_SECURITY_POLICY_ACTION_TYPE_RATE_LIMIT type: string age: default: 0 description: | Time in minutes after which rule will be deleted. Allowed values are 1-4294967295. Special values are 0- 'blocked for ever'. Unit is MIN. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 4294967295 minimum: 0 title: |- Age type: integer created_by: description: |- Creator name. title: |- Created by type: string enable: description: | Placeholder for description of property enable of obj type NetworkSecurityRule field type str type boolean. title: |- Enable type: boolean index: description: |- Number of index. format: int64 title: |- Index type: integer log: default: false description: | Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Log type: boolean match: $ref: '#/definitions/ALBNetworkSecurityMatchTarget' name: description: |- Name of the object. title: |- Name type: string rl_param: $ref: '#/definitions/ALBNetworkSecurityPolicyActionRLParam' required: - action - index - enable - name - match title: |- NetworkSecurityRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBOCSPConfig: description: |- Advanced load balancer OCSPConfig object properties: failed_ocsp_jobs_retry_interval: default: 3600 description: | Describes the Time Interval after which the next OCSP job needs to be scheduled in case of the OCSP job failures. Allowed values are 60-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 3600. format: int64 maximum: 86400 minimum: 60 title: |- Failed ocsp jobs retry interval type: integer max_tries: default: 10 description: | Maximum number of times the failed OCSP jobs can be scheduled. Default value when not specified in API or module is interpreted by ALB Controller as 10. format: int64 title: |- Max tries type: integer ocsp_req_interval: default: 86400 description: | Interval between the OCSP queries. Allowed values are 60-31536000. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 86400. format: int64 maximum: 31536000 minimum: 60 title: |- Ocsp req interval type: integer ocsp_resp_timeout: description: | Time in seconds that the system waits for a reply from the OCSP responder before dropping the connection. Unit is SEC. format: int64 title: |- Ocsp resp timeout type: integer responder_url_lists: description: | List of Responder URLs configured by user to do failover/override the AIA extension contained in the OCSP responder's SSL/TLS certificate. items: type: string title: |- Responder url lists type: array url_action: default: OCSP_RESPONDER_URL_FAILOVER description: | Describes the type of action to take with the Responder URLs. Enum options - OCSP_RESPONDER_URL_FAILOVER, OCSP_RESPONDER_URL_OVERRIDE. Default value when not specified in API or module is interpreted by ALB Controller as OCSP_RESPONDER_URL_FAILOVER. enum: - OCSP_RESPONDER_URL_FAILOVER - OCSP_RESPONDER_URL_OVERRIDE type: string title: |- OCSPConfig type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPGDeploymentRule: description: |- Advanced load balancer PGDeploymentRule object properties: metric_id: default: health.health_score_value description: | metric_id of PGDeploymentRule. Default value when not specified in API or module is interpreted by ALB Controller as health.health_score_value. title: |- Metric id type: string operator: default: CO_GE description: | Enum options - CO_EQ, CO_GT, CO_GE, CO_LT, CO_LE, CO_NE. Default value when not specified in API or module is interpreted by ALB Controller as CO_GE. enum: - CO_EQ - CO_GT - CO_GE - CO_LT - CO_LE - CO_NE type: string threshold: description: | metric threshold that is used as the pass fail. If it is not provided then it will simply compare it with current pool vs new pool. title: |- Threshold type: number title: |- PGDeploymentRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPKIProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ca_certs: description: | List of Certificate Authorities (Root and Intermediate) trusted that is used for certificate validation. items: $ref: '#/definitions/ALBSSLCertificate' title: |- Ca certs type: array created_by: description: |- Creator name. title: |- Created by type: string crl_check: default: true description: | When enabled, Avi will verify via CRL checks that certificates in the trust chain have not been revoked. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Crl check type: boolean crls: description: |- Certificate Revocation Lists. items: $ref: '#/definitions/ALBCRL' title: |- Crls type: array ignore_peer_chain: default: true description: | When enabled, Avi will not trust Intermediate and Root certs presented by a client. Instead, only the chain certs configured in the Certificate Authority section will be used to verify trust of the client's cert. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Special default for Basic edition is true, Essentials edition is true, Enterprise is False. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Ignore peer chain type: boolean is_federated: default: false description: | This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is federated type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array validate_only_leaf_crl: default: true description: | When enabled, Avi will only validate the revocation status of the leaf certificate using CRL. To enable validation for the entire chain, disable this option and provide all the relevant CRLs. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Validate only leaf crl type: boolean type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer PKIProfile object title: |- PKIProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPKIProfileApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of PKIProfile items: $ref: '#/definitions/ALBPKIProfile' title: |- Array of PKIProfile type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | PKIProfileApiResponse title: |- PKIProfileApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPathMatch: description: |- Advanced load balancer PathMatch object properties: match_case: default: INSENSITIVE description: | Case sensitivity to use for the matching. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. enum: - SENSITIVE - INSENSITIVE type: string match_criteria: default: CONTAINS description: | Criterion to use for matching the path in the HTTP request URI. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as CONTAINS. enum: - BEGINS_WITH - DOES_NOT_BEGIN_WITH - CONTAINS - DOES_NOT_CONTAIN - ENDS_WITH - DOES_NOT_END_WITH - EQUALS - DOES_NOT_EQUAL - REGEX_MATCH - REGEX_DOES_NOT_MATCH type: string match_str: description: |- String values. items: type: string title: |- Match str type: array string_group_paths: description: | path of the string group(s). It is a reference to an object of type StringGroup. items: type: string title: |- String group paths type: array required: - match_criteria title: |- PathMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPerformanceLimits: description: |- Advanced load balancer PerformanceLimits object properties: max_concurrent_connections: description: | The maximum number of concurrent client conections allowed to the Virtual Service. format: int64 title: |- Max concurrent connections type: integer max_throughput: description: | The maximum throughput per second for all clients allowed through the client side of the Virtual Service. format: int64 title: |- Max throughput type: integer title: |- PerformanceLimits type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPlacementNetwork: description: |- Advanced load balancer PlacementNetwork object properties: network_name: description: |- It is a reference to an object of type Network. title: |- Network name type: string subnet: $ref: '#/definitions/ALBIpAddrPrefix' required: - subnet - network_name title: |- PlacementNetwork type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPool: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: analytics_policy: $ref: '#/definitions/ALBPoolAnalyticsPolicy' analytics_profile_path: description: | Specifies settings related to analytics. It is a reference to an object of type AnalyticsProfile. title: |- Analytics profile path type: string apic_epg_name: description: |- Synchronize Cisco APIC EPG members with pool servers. title: |- Apic epg name type: string application_persistence_profile_path: description: | Persistence will ensure the same user sticks to the same server for a desired duration of time. It is a reference to an object of type ApplicationPersistenceProfile. title: |- Application persistence profile path type: string autoscale_launch_config_path: description: | If configured then Avi will trigger orchestration of pool server creation and deletion. It is a reference to an object of type AutoScaleLaunchConfig. title: |- Autoscale launch config path type: string autoscale_networks: description: |- Network Ids for the launch configuration. items: type: string title: |- Autoscale networks type: array autoscale_policy_path: description: | Reference to Server Autoscale Policy. It is a reference to an object of type ServerAutoScalePolicy. title: |- Autoscale policy path type: string capacity_estimation: default: false description: | Inline estimation of capacity of servers. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Capacity estimation type: boolean capacity_estimation_ttfb_thresh: default: 0 description: | The maximum time-to-first-byte of a server. Allowed values are 1-5000. Special values are 0 - 'Automatic'. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 5000 minimum: 0 title: |- Capacity estimation ttfb thresh type: integer cloud_config_cksum: description: | Checksum of cloud configuration for Pool. Internally set by cloud connector. title: |- Cloud config cksum type: string cloud_name: description: |- It is a reference to an object of type Cloud. title: |- Cloud name type: string conn_pool_properties: $ref: '#/definitions/ALBConnPoolProperties' connection_ramp_duration: default: 0 description: | Duration for which new connections will be gradually ramped up to a server recently brought online. Useful for LB algorithms that are least connection based. Allowed values are 1-300. Special values are 0 - 'Immediate'. Unit is MIN. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Special default for Basic edition is 0, Essentials edition is 0, Enterprise is 10. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 300 minimum: 0 title: |- Connection ramp duration type: integer created_by: description: |- Creator name. title: |- Created by type: string default_server_port: default: 80 description: | Traffic sent to servers will use this destination server port unless overridden by the server's specific port attribute. The SSL checkbox enables Avi to server encryption. Allowed values are 1-65535. Default value when not specified in API or module is interpreted by ALB Controller as 80. format: int64 maximum: 65535 minimum: 1 title: |- Default server port type: integer delete_server_on_dns_refresh: default: true description: | Indicates whether existing IPs are disabled(false) or deleted(true) on dns hostname refreshDetail -- On a dns refresh, some IPs set on pool may no longer be returned by the resolver. These IPs are deleted from the pool when this knob is set to true. They are disabled, if the knob is set to false. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Delete server on dns refresh type: boolean domain_name: description: | Comma separated list of domain names which will be used to verify the common names or subject alternative names presented by server certificates. It is performed only when common name check host_check_enabled is enabled. items: type: string title: |- Domain name type: array east_west: description: |- Inherited config from VirtualService. title: |- East west type: boolean enable_http2: default: false description: | Enable HTTP/2 for traffic from VirtualService to all backend servers in this pool. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable http2 type: boolean enabled: default: true description: | Enable or disable the pool. Disabling will terminate all open connections and pause health monitors. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enabled type: boolean external_autoscale_groups: description: | Names of external auto-scale groups for pool servers. Currently available only for AWS and Azure. items: type: string title: |- External autoscale groups type: array fail_action: $ref: '#/definitions/ALBFailAction' fewest_tasks_feedback_delay: default: 10 description: | Periodicity of feedback for fewest tasks server selection algorithm. Allowed values are 1-300. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10. format: int64 maximum: 300 minimum: 1 title: |- Fewest tasks feedback delay type: integer graceful_disable_timeout: default: 1 description: | Used to gracefully disable a server. Virtual service waits for the specified time before terminating the existing connections to the servers that are disabled. Allowed values are 1-7200. Special values are 0 - 'Immediate', -1 - 'Infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 1. format: int64 maximum: 7200 minimum: -1 title: |- Graceful disable timeout type: integer group_paths: description: | A list of NSX Groups where the Servers for the Pool are created . items: type: string title: |- Group paths type: array gslb_sp_enabled: description: | Indicates if the pool is a site-persistence pool. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Gslb sp enabled type: boolean health_monitor_paths: description: | Verify server health by applying one or more health monitors. Active monitors generate synthetic traffic from each Service Engine and mark a server up or down based on the response. The Passive monitor listens only to client to server communication. It raises or lowers the ratio of traffic destined to a server based on successful responses. It is a reference to an object of type HealthMonitor. Maximum of 50 items allowed. items: type: string title: |- Health monitor paths type: array host_check_enabled: default: false description: | Enable common name check for server certificate. If enabled and no explicit domain name is specified, Avi will use the incoming host header to do the match. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Host check enabled type: boolean ignore_server_port: default: false description: | Ignore the server port in building the load balancing state.Applicable only for consistent hash load balancing algorithm or Disable Port translation (use_service_port) use cases. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Ignore server port type: boolean inline_health_monitor: default: true description: | The Passive monitor will monitor client to server connections and requests and adjust traffic load to servers based on successful responses. This may alter the expected behavior of the LB method, such as Round Robin. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Inline health monitor type: boolean ipaddrgroup_path: description: | Use list of servers from Ip Address Group. It is a reference to an object of type IpAddrGroup. title: |- Ipaddrgroup path type: string lb_algorithm: default: LB_ALGORITHM_LEAST_CONNECTIONS description: | The load balancing algorithm will pick a server within the pool's list of available servers. Values LB_ALGORITHM_NEAREST_SERVER and LB_ALGORITHM_TOPOLOGY are only allowed for GSLB pool. Enum options - LB_ALGORITHM_LEAST_CONNECTIONS, LB_ALGORITHM_ROUND_ROBIN, LB_ALGORITHM_FASTEST_RESPONSE, LB_ALGORITHM_CONSISTENT_HASH, LB_ALGORITHM_LEAST_LOAD, LB_ALGORITHM_FEWEST_SERVERS, LB_ALGORITHM_RANDOM, LB_ALGORITHM_FEWEST_TASKS, LB_ALGORITHM_NEAREST_SERVER, LB_ALGORITHM_CORE_AFFINITY, LB_ALGORITHM_TOPOLOGY. Allowed in Basic(Allowed values- LB_ALGORITHM_LEAST_CONNECTIONS,LB_ALGORITHM_ROUND_ROBIN,LB_ALGORITHM_CONSISTENT_HASH) edition, Essentials(Allowed values- LB_ALGORITHM_LEAST_CONNECTIONS,LB_ALGORITHM_ROUND_ROBIN,LB_ALGORITHM_CONSISTENT_HASH) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LB_ALGORITHM_LEAST_CONNECTIONS. enum: - LB_ALGORITHM_LEAST_CONNECTIONS - LB_ALGORITHM_ROUND_ROBIN - LB_ALGORITHM_FASTEST_RESPONSE - LB_ALGORITHM_CONSISTENT_HASH - LB_ALGORITHM_LEAST_LOAD - LB_ALGORITHM_FEWEST_SERVERS - LB_ALGORITHM_RANDOM - LB_ALGORITHM_FEWEST_TASKS - LB_ALGORITHM_NEAREST_SERVER - LB_ALGORITHM_CORE_AFFINITY - LB_ALGORITHM_TOPOLOGY type: string lb_algorithm_consistent_hash_hdr: description: |- HTTP header name to be used for the hash key. title: |- Lb algorithm consistent hash hdr type: string lb_algorithm_core_nonaffinity: default: 2 description: | Degree of non-affinity for core affinity based server selection. Allowed values are 1-65535. Allowed in Basic(Allowed values- 2) edition, Essentials(Allowed values- 2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2. format: int64 maximum: 65535 minimum: 1 title: |- Lb algorithm core nonaffinity type: integer lb_algorithm_hash: default: LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS description: | Criteria used as a key for determining the hash between the client and server. Enum options - LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS, LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT, LB_ALGORITHM_CONSISTENT_HASH_URI, LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_HEADER, LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_STRING, LB_ALGORITHM_CONSISTENT_HASH_CALLID. Allowed in Basic(Allowed values- LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS) edition, Essentials(Allowed values- LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS. enum: - LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS - LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT - LB_ALGORITHM_CONSISTENT_HASH_URI - LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_HEADER - LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_STRING - LB_ALGORITHM_CONSISTENT_HASH_CALLID type: string lookup_server_by_name: default: false description: | Allow server lookup by name. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Lookup server by name type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array max_concurrent_connections_per_server: default: 0 description: | The maximum number of concurrent connections allowed to each server within the pool. NOTE applied value will be no less than the number of service engines that the pool is placed on. If set to 0, no limit is applied. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Max concurrent connections per server type: integer max_conn_rate_per_server: $ref: '#/definitions/ALBRateProfile' min_health_monitors_up: description: | Minimum number of health monitors in UP state to mark server UP. Allowed in Basic edition, Essentials edition, Enterprise edition. format: int64 title: |- Min health monitors up type: integer min_servers_up: description: | Minimum number of servers in UP state for marking the pool UP. format: int64 title: |- Min servers up type: integer networks: description: | (internal-use) Networks designated as containing servers for this pool. The servers may be further narrowed down by a filter. This field is used internally by Avi, not editable by the user. items: $ref: '#/definitions/ALBNetworkFilter' title: |- Networks type: array pki_profile_path: description: | Avi will validate the SSL certificate present by a server against the selected PKI Profile. It is a reference to an object of type PKIProfile. title: |- Pki profile path type: string placement_networks: description: | Manually select the networks and subnets used to provide reachability to the pool's servers. Specify the Subnet using the following syntax 10-1-1-0/24. Use static routes in VRF configuration when pool servers are not directly connected but routable from the service engine. items: $ref: '#/definitions/ALBPlacementNetwork' title: |- Placement networks type: array request_queue_depth: default: 128 description: | Minimum number of requests to be queued when pool is full. Allowed in Basic(Allowed values- 128) edition, Essentials(Allowed values- 128) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 128. format: int64 title: |- Request queue depth type: integer request_queue_enabled: default: false description: | Enable request queue when pool is full. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Request queue enabled type: boolean rewrite_host_header_to_server_name: default: false description: | Rewrite incoming Host Header to server name of the server to which the request is proxied. Enabling this feature rewrites Host Header for requests to all servers in the pool. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Rewrite host header to server name type: boolean rewrite_host_header_to_sni: default: false description: | If SNI server name is specified, rewrite incoming host header to the SNI server name. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Rewrite host header to sni type: boolean routing_pool: default: false description: | Enable to do routing when this pool is selected to send traffic. No servers present in routing pool. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Routing pool type: boolean server_name: description: | Fully qualified DNS hostname which will be used in the TLS SNI extension in server connections if SNI is enabled. If no value is specified, Avi will use the incoming host header instead. title: |- Server name type: string server_reselect: $ref: '#/definitions/ALBHTTPServerReselect' server_timeout: default: 0 description: | Server timeout value specifies the time within which a server connection needs to be established and a request-response exchange completes between AVI and the server. Value of 0 results in using default timeout of 60 minutes. Allowed values are 0-21600000. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 21600000 minimum: 0 title: |- Server timeout type: integer servers: description: | The pool directs load balanced traffic to this list of destination servers. The servers can be configured by IP address, name, network or via IP Address Group. Maximum of 5000 items allowed. items: $ref: '#/definitions/ALBServer' title: |- Servers type: array service_metadata: description: | Metadata pertaining to the service provided by this Pool. In Openshift/Kubernetes environments, app metadata info is stored. Any user input to this field will be overwritten by Avi Vantage. title: |- Service metadata type: string sni_enabled: default: true description: | Enable TLS SNI for server connections. If disabled, Avi will not send the SNI extension as part of the handshake. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Sni enabled type: boolean ssl_key_and_certificate_path: description: | Service Engines will present a client SSL certificate to the server. It is a reference to an object of type SSLKeyAndCertificate. title: |- Ssl key and certificate path type: string ssl_profile_path: description: | When enabled, Avi re-encrypts traffic to the backend servers. The specific SSL profile defines which ciphers and SSL versions will be supported. It is a reference to an object of type SSLProfile. title: |- Ssl profile path type: string tier1_path: description: | This tier1_lr field should be set same as VirtualService associated for NSX-T. title: |- Tier1 path type: string use_service_port: default: false description: | Do not translate the client's destination port when sending the connection to the server. The pool or servers specified service port will still be used for health monitoring. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Use service port type: boolean vrf_name: description: | Virtual Routing Context that the pool is bound to. This is used to provide the isolation of the set of networks the pool is attached to. The pool inherits the Virtual Routing Conext of the Virtual Service, and this field is used only internally, and is set by pb-transform. It is a reference to an object of type VrfContext. title: |- Vrf name type: string type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer Pool object title: |- Pool x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPoolAnalyticsPolicy: description: |- Advanced load balancer PoolAnalyticsPolicy object properties: enable_realtime_metrics: default: false description: | Enable real time metrics for server and pool metrics eg. l4_server.xxx, l7_server.xxx. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable realtime metrics type: boolean title: |- PoolAnalyticsPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPoolApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of Pool items: $ref: '#/definitions/ALBPool' title: |- Array of Pool type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | PoolApiResponse title: |- PoolApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPoolGroup: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cloud_config_cksum: description: | Checksum of cloud configuration for PoolGroup. Internally set by cloud connector. title: |- Cloud config cksum type: string cloud_name: description: |- It is a reference to an object of type Cloud. title: |- Cloud name type: string created_by: description: |- Name of the user who created the object. title: |- Created by type: string deactivate_primary_pool_on_down: default: false description: | Deactivate primary pool for selection when down until it is activated by user via clear poolgroup command. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Deactivate primary pool on down type: boolean deployment_policy_path: description: | When setup autoscale manager will automatically promote new pools into production when deployment goals are met. It is a reference to an object of type PoolGroupDeploymentPolicy. title: |- Deployment policy path type: string enable_http2: default: false description: | Enable HTTP/2 for traffic from VirtualService to all the backend servers in all the pools configured under this PoolGroup. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable http2 type: boolean fail_action: $ref: '#/definitions/ALBFailAction' implicit_priority_labels: default: false description: | Whether an implicit set of priority labels is generated. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Implicit priority labels type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array members: description: |- List of pool group members object of type PoolGroupMember. items: $ref: '#/definitions/ALBPoolGroupMember' title: |- Members type: array min_servers: default: 0 description: | The minimum number of servers to distribute traffic to. Allowed values are 1-65535. Special values are 0 - 'Disable'. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 65535 minimum: 0 title: |- Min servers type: integer priority_labels_path: description: | path of the priority labels. If not provided, pool group member priority label will be interpreted as a number with a larger number considered higher priority. It is a reference to an object of type PriorityLabels. title: |- Priority labels path type: string service_metadata: description: | Metadata pertaining to the service provided by this PoolGroup. In Openshift/Kubernetes environments, app metadata info is stored. Any user input to this field will be overwritten by Avi Vantage. title: |- Service metadata type: string type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer PoolGroup object title: |- PoolGroup x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPoolGroupApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of PoolGroup items: $ref: '#/definitions/ALBPoolGroup' title: |- Array of PoolGroup type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | PoolGroupApiResponse title: |- PoolGroupApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPoolGroupDeploymentPolicy: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: auto_disable_old_prod_pools: default: true description: | It will automatically disable old production pools once there is a new production candidate. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Auto disable old prod pools type: boolean evaluation_duration: default: 300 description: | Duration of evaluation period for automatic deployment. Allowed values are 60-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300. format: int64 maximum: 86400 minimum: 60 title: |- Evaluation duration type: integer markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array rules: description: | Placeholder for description of property rules of obj type PoolGroupDeploymentPolicy field type str type array. items: $ref: '#/definitions/ALBPGDeploymentRule' title: |- Rules type: array scheme: default: BLUE_GREEN description: | deployment scheme. Enum options - BLUE_GREEN, CANARY. Default value when not specified in API or module is interpreted by ALB Controller as BLUE_GREEN. enum: - BLUE_GREEN - CANARY type: string target_test_traffic_ratio: default: 100 description: | Target traffic ratio before pool is made production. Allowed values are 1-100. Unit is RATIO. Default value when not specified in API or module is interpreted by ALB Controller as 100. format: int64 maximum: 100 minimum: 1 title: |- Target test traffic ratio type: integer test_traffic_ratio_rampup: default: 100 description: | Ratio of the traffic that is sent to the pool under test. test ratio of 100 means blue green. Allowed values are 1-100. Default value when not specified in API or module is interpreted by ALB Controller as 100. format: int64 maximum: 100 minimum: 1 title: |- Test traffic ratio rampup type: integer webhook_path: description: | Webhook configured with URL that Avi controller will pass back information about pool group, old and new pool information and current deployment rule results. It is a reference to an object of type Webhook. title: |- Webhook path type: string type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer PoolGroupDeploymentPolicy object title: |- PoolGroupDeploymentPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPoolGroupDeploymentPolicyApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of PoolGroupDeploymentPolicy items: $ref: '#/definitions/ALBPoolGroupDeploymentPolicy' title: |- Array of PoolGroupDeploymentPolicy type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | PoolGroupDeploymentPolicyApiResponse title: |- PoolGroupDeploymentPolicyApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPoolGroupMember: description: |- Advanced load balancer PoolGroupMember object properties: deployment_state: description: | Pool deployment state used with the PG deployment policy. Enum options - EVALUATION_IN_PROGRESS, IN_SERVICE, OUT_OF_SERVICE, EVALUATION_FAILED. enum: - EVALUATION_IN_PROGRESS - IN_SERVICE - OUT_OF_SERVICE - EVALUATION_FAILED type: string pool_path: description: | path of the pool. It is a reference to an object of type Pool. title: |- Pool path type: string priority_label: description: | All pools with same label are treated similarly in a pool group. A pool with a higher priority is selected, as long as the pool is eligible or an explicit policy chooses a different pool. title: |- Priority label type: string ratio: default: 1 description: | Ratio of selecting eligible pools in the pool group. Allowed values are 1-1000. Special values are 0 - 'Do not select this pool for new connections'. Allowed in Basic(Allowed values- 1) edition, Essentials(Allowed values- 1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1. format: int64 maximum: 1000 minimum: 0 title: |- Ratio type: integer required: - pool_path title: |- PoolGroupMember type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPoolServer: description: |- Advanced load balancer PoolServer object properties: hostname: description: | DNS resolvable name of the server. May be used in place of the IP address. title: |- Hostname type: string ip: $ref: '#/definitions/ALBIpAddr' port: description: | Port of the pool server listening for HTTP/HTTPS. Default value is the default port in the pool. Allowed values are 1-65535. format: int64 maximum: 65535 minimum: 1 title: |- Port type: integer required: - ip title: |- PoolServer type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPortMatch: description: |- Advanced load balancer PortMatch object properties: match_criteria: description: | Criterion to use for port matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string ports: description: | Listening TCP port(s). Allowed values are 1-65535. Minimum of 1 items required. items: format: int64 type: integer title: |- Ports type: array required: - ports - match_criteria title: |- PortMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPortRange: description: |- Advanced load balancer PortRange object properties: end: description: | TCP/UDP port range end (inclusive). Allowed values are 1-65535. format: int64 maximum: 65535 minimum: 1 title: |- End type: integer start: description: | TCP/UDP port range start (inclusive). Allowed values are 1-65535. format: int64 maximum: 65535 minimum: 1 title: |- Start type: integer required: - start - end title: |- PortRange type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPriorityLabels: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cloud_name: description: |- It is a reference to an object of type Cloud. title: |- Cloud name type: string equivalent_labels: description: |- Equivalent priority labels in descending order. items: $ref: '#/definitions/ALBEquivalentLabels' title: |- Equivalent labels type: array markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer PriorityLabels object title: |- PriorityLabels x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBPriorityLabelsApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of PriorityLabels items: $ref: '#/definitions/ALBPriorityLabels' title: |- Array of PriorityLabels type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | PriorityLabelsApiResponse title: |- PriorityLabelsApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBProtocolMatch: description: |- Advanced load balancer ProtocolMatch object properties: match_criteria: description: | Criterion to use for protocol matching the HTTP request. Enum options - IS_IN, IS_NOT_IN. enum: - IS_IN - IS_NOT_IN type: string protocols: description: | HTTP or HTTPS protocol. Enum options - HTTP, HTTPS. enum: - HTTP - HTTPS type: string required: - protocols - match_criteria title: |- ProtocolMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBProtocolParser: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array parser_code: description: |- Command script provided inline. title: |- Parser code type: string required: - parser_code type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer ProtocolParser object title: |- ProtocolParser x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBProtocolParserApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of ProtocolParser items: $ref: '#/definitions/ALBProtocolParser' title: |- Array of ProtocolParser type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | ProtocolParserApiResponse title: |- ProtocolParserApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBQueryMatch: description: |- Advanced load balancer QueryMatch object properties: match_case: default: INSENSITIVE description: | Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. enum: - SENSITIVE - INSENSITIVE type: string match_criteria: description: | Criterion to use for matching the query in HTTP request URI. Enum options - QUERY_MATCH_CONTAINS. enum: - QUERY_MATCH_CONTAINS type: string match_str: description: |- String value(s). items: type: string title: |- Match str type: array string_group_paths: description: | path of the string group(s). It is a reference to an object of type StringGroup. items: type: string title: |- String group paths type: array required: - match_criteria title: |- QueryMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBRateLimiter: description: |- Advanced load balancer RateLimiter object properties: burst_sz: default: 0 description: | Maximum number of connections, requests or packets to be let through instantaneously. If this is less than count, it will have no effect. Allowed values are 0-1000000000. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1000000000 minimum: 0 title: |- Burst sz type: integer count: default: 1000000000 description: | Maximum number of connections, requests or packets permitted each period. Allowed values are 1-1000000000. Default value when not specified in API or module is interpreted by ALB Controller as 1000000000. format: int64 maximum: 1000000000 minimum: 1 title: |- Count type: integer name: description: | Identifier for Rate Limit. Constructed according to context. title: |- Name type: string period: default: 1 description: | Time value in seconds to enforce rate count. Allowed values are 1-1000000000. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 1. format: int64 maximum: 1000000000 minimum: 1 title: |- Period type: integer title: |- RateLimiter type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBRateLimiterAction: description: |- Advanced load balancer RateLimiterAction object properties: file: $ref: '#/definitions/ALBHTTPLocalFile' redirect: $ref: '#/definitions/ALBHTTPRedirectAction' status_code: default: HTTP_LOCAL_RESPONSE_STATUS_CODE_429 description: | HTTP status code for Local Response rate limit action. Enum options - HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501. Default value when not specified in API or module is interpreted by ALB Controller as HTTP_LOCAL_RESPONSE_STATUS_CODE_429. enum: - HTTP_LOCAL_RESPONSE_STATUS_CODE_200 - HTTP_LOCAL_RESPONSE_STATUS_CODE_204 - HTTP_LOCAL_RESPONSE_STATUS_CODE_403 - HTTP_LOCAL_RESPONSE_STATUS_CODE_404 - HTTP_LOCAL_RESPONSE_STATUS_CODE_429 - HTTP_LOCAL_RESPONSE_STATUS_CODE_501 type: string type: default: RL_ACTION_NONE description: | Type of action to be enforced upon hitting the rate limit. Enum options - RL_ACTION_NONE, RL_ACTION_DROP_CONN, RL_ACTION_RESET_CONN, RL_ACTION_CLOSE_CONN, RL_ACTION_LOCAL_RSP, RL_ACTION_REDIRECT. Default value when not specified in API or module is interpreted by ALB Controller as RL_ACTION_NONE. enum: - RL_ACTION_NONE - RL_ACTION_DROP_CONN - RL_ACTION_RESET_CONN - RL_ACTION_CLOSE_CONN - RL_ACTION_LOCAL_RSP - RL_ACTION_REDIRECT type: string title: |- RateLimiterAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBRateLimiterProfile: description: |- Advanced load balancer RateLimiterProfile object properties: client_ip_connections_rate_limit: $ref: '#/definitions/ALBRateProfile' client_ip_failed_requests_rate_limit: $ref: '#/definitions/ALBRateProfile' client_ip_requests_rate_limit: $ref: '#/definitions/ALBRateProfile' client_ip_scanners_requests_rate_limit: $ref: '#/definitions/ALBRateProfile' client_ip_to_uri_failed_requests_rate_limit: $ref: '#/definitions/ALBRateProfile' client_ip_to_uri_requests_rate_limit: $ref: '#/definitions/ALBRateProfile' custom_requests_rate_limit: $ref: '#/definitions/ALBRateProfile' http_header_rate_limits: description: | Rate Limit all HTTP requests from all client IP addresses that contain any single HTTP header value. items: $ref: '#/definitions/ALBRateProfile' title: |- Http header rate limits type: array uri_failed_requests_rate_limit: $ref: '#/definitions/ALBRateProfile' uri_requests_rate_limit: $ref: '#/definitions/ALBRateProfile' uri_scanners_requests_rate_limit: $ref: '#/definitions/ALBRateProfile' title: |- RateLimiterProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBRateProfile: description: |- Advanced load balancer RateProfile object properties: action: $ref: '#/definitions/ALBRateLimiterAction' explicit_tracking: default: false description: | Explicitly tracks an attacker across rate periods. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Explicit tracking type: boolean fine_grain: default: false description: | Enable fine granularity. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Fine grain type: boolean http_cookie: description: |- HTTP cookie name. title: |- Http cookie type: string http_header: description: |- HTTP header name. title: |- Http header type: string rate_limiter: $ref: '#/definitions/ALBRateLimiter' required: - action title: |- RateProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBReplaceStringVar: description: |- Advanced load balancer ReplaceStringVar object properties: type: description: | Type of replacement string - can be a variable exposed from datascript, value of an HTTP header or a custom user-input literal string. Enum options - DATASCRIPT_VAR, HTTP_HEADER_VAR, LITERAL_STRING. enum: - DATASCRIPT_VAR - HTTP_HEADER_VAR - LITERAL_STRING type: string val: description: | Value of the replacement string - name of variable exposed from datascript, name of the HTTP header or a custom user-input literal string. title: |- Val type: string title: |- ReplaceStringVar type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBResponseMatchTarget: description: |- Advanced load balancer ResponseMatchTarget object properties: client_ip: $ref: '#/definitions/ALBIpAddrMatch' cookie: $ref: '#/definitions/ALBCookieMatch' hdrs: description: |- Configure HTTP headers. items: $ref: '#/definitions/ALBHdrMatch' title: |- Hdrs type: array host_hdr: $ref: '#/definitions/ALBHostHdrMatch' loc_hdr: $ref: '#/definitions/ALBLocationHdrMatch' method: $ref: '#/definitions/ALBMethodMatch' path: $ref: '#/definitions/ALBPathMatch' protocol: $ref: '#/definitions/ALBProtocolMatch' query: $ref: '#/definitions/ALBQueryMatch' rsp_hdrs: description: |- Configure the HTTP headers in response. items: $ref: '#/definitions/ALBHdrMatch' title: |- Rsp hdrs type: array status: $ref: '#/definitions/ALBHTTPStatusMatch' version: $ref: '#/definitions/ALBHTTPVersionMatch' vs_port: $ref: '#/definitions/ALBPortMatch' title: |- ResponseMatchTarget type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBRoleFilterMatchLabel: description: |- Advanced load balancer RoleFilterMatchLabel object properties: key: description: |- Key for filter match. title: |- Key type: string values: description: | Values for filter match. Multiple values will be evaluated as OR. Example key = value1 OR key = value2. Behavior for match is key = (STAR) if this field is empty. items: type: string title: |- Values type: array required: - key title: |- RoleFilterMatchLabel type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSAMLSPConfig: description: |- Advanced load balancer SAMLSPConfig object properties: cookie_name: description: |- HTTP cookie name for authenticated session. title: |- Cookie name type: string cookie_timeout: default: 60 description: | Cookie timeout in minutes. Allowed values are 1-1440. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 60. format: int64 maximum: 1440 minimum: 1 title: |- Cookie timeout type: integer entity_id: description: | Globally unique SAML entityID for this node. The SAML application entity ID on the IDP should match this. title: |- Entity id type: string key: description: |- Key to generate the cookie. items: $ref: '#/definitions/ALBHttpCookiePersistenceKey' title: |- Key type: array signing_ssl_key_and_certificate_path: description: | SP will use this SSL certificate to sign requests going to the IdP and decrypt the assertions coming from IdP. It is a reference to an object of type SSLKeyAndCertificate. title: |- Signing ssl key and certificate path type: string single_signon_url: description: |- SAML Single Signon URL to be programmed on the IDP. title: |- Single signon url type: string sp_metadata: description: |- SAML SP metadata for this application. title: |- Sp metadata type: string use_idp_session_timeout: description: | By enabling this field IdP can control how long the SP session can exist through the SessionNotOnOrAfter field in the AuthNStatement of SAML Response. title: |- Use idp session timeout type: boolean required: - single_signon_url - entity_id title: |- SAMLSPConfig type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLCertificate: description: |- Advanced load balancer SSLCertificate object properties: certificate: description: |- certificate of SSLCertificate. title: |- Certificate type: string certificate_signing_request: description: |- certificate_signing_request of SSLCertificate. title: |- Certificate signing request type: string chain_verified: description: | Placeholder for description of property chain_verified of obj type SSLCertificate field type str type boolean. title: |- Chain verified type: boolean days_until_expire: default: 365 description: | Number of days_until_expire. Default value when not specified in API or module is interpreted by ALB Controller as 365. format: int64 minimum: 1 title: |- Days until expire type: integer expiry_status: default: SSL_CERTIFICATE_GOOD description: | Enum options - SSL_CERTIFICATE_GOOD, SSL_CERTIFICATE_EXPIRY_WARNING, SSL_CERTIFICATE_EXPIRED. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CERTIFICATE_GOOD. enum: - SSL_CERTIFICATE_GOOD - SSL_CERTIFICATE_EXPIRY_WARNING - SSL_CERTIFICATE_EXPIRED type: string fingerprint: description: |- fingerprint of SSLCertificate. title: |- Fingerprint type: string issuer: $ref: '#/definitions/ALBSSLCertificateDescription' key_params: $ref: '#/definitions/ALBSSLKeyParams' not_after: description: |- not_after of SSLCertificate. title: |- Not after type: string not_before: description: |- not_before of SSLCertificate. title: |- Not before type: string public_key: description: |- public_key of SSLCertificate. title: |- Public key type: string self_signed: description: | Placeholder for description of property self_signed of obj type SSLCertificate field type str type boolean. title: |- Self signed type: boolean serial_number: description: |- serial_number of SSLCertificate. title: |- Serial number type: string signature: description: |- signature of SSLCertificate. title: |- Signature type: string signature_algorithm: description: |- signature_algorithm of SSLCertificate. title: |- Signature algorithm type: string subject: $ref: '#/definitions/ALBSSLCertificateDescription' subject_alt_names: description: |- subjectAltName that provides additional subject identities. items: type: string title: |- Subject alt names type: array text: description: |- text of SSLCertificate. title: |- Text type: string version: description: |- version of SSLCertificate. title: |- Version type: string title: |- SSLCertificate type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLCertificateDescription: description: |- Advanced load balancer SSLCertificateDescription object properties: common_name: description: |- common_name of SSLCertificateDescription. title: |- Common name type: string country: description: |- country of SSLCertificateDescription. title: |- Country type: string distinguished_name: description: |- distinguished_name of SSLCertificateDescription. title: |- Distinguished name type: string email_address: description: |- email_address of SSLCertificateDescription. title: |- Email address type: string locality: description: |- locality of SSLCertificateDescription. title: |- Locality type: string organization: description: |- organization of SSLCertificateDescription. title: |- Organization type: string organization_unit: description: |- organization_unit of SSLCertificateDescription. title: |- Organization unit type: string state: description: |- state of SSLCertificateDescription. title: |- State type: string title: |- SSLCertificateDescription type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLClientCertificateAction: description: |- Advanced load balancer SSLClientCertificateAction object properties: close_connection: default: false description: | Placeholder for description of property close_connection of obj type SSLClientCertificateAction field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Close connection type: boolean headers: description: | Placeholder for description of property headers of obj type SSLClientCertificateAction field type str type array. items: $ref: '#/definitions/ALBSSLClientRequestHeader' title: |- Headers type: array title: |- SSLClientCertificateAction type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLClientRequestHeader: description: |- Advanced load balancer SSLClientRequestHeader object properties: request_header: description: | If this header exists, reset the connection. If the ssl variable is specified, add a header with this value. title: |- Request header type: string request_header_value: description: | Set the request header with the value as indicated by this SSL variable. Eg. send the whole certificate in PEM format. Enum options - HTTP_POLICY_VAR_CLIENT_IP, HTTP_POLICY_VAR_VS_PORT, HTTP_POLICY_VAR_VS_IP, HTTP_POLICY_VAR_HTTP_HDR, HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT, HTTP_POLICY_VAR_SSL_CLIENT_SERIAL, HTTP_POLICY_VAR_SSL_CLIENT_ISSUER, HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT, HTTP_POLICY_VAR_SSL_CLIENT_RAW, HTTP_POLICY_VAR_SSL_PROTOCOL, HTTP_POLICY_VAR_SSL_SERVER_NAME, HTTP_POLICY_VAR_USER_NAME, HTTP_POLICY_VAR_SSL_CIPHER, HTTP_POLICY_VAR_REQUEST_ID, HTTP_POLICY_VAR_SSL_CLIENT_VERSION, HTTP_POLICY_VAR_SSL_CLIENT_SIGALG, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDBEFORE, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDAFTER. enum: - HTTP_POLICY_VAR_CLIENT_IP - HTTP_POLICY_VAR_VS_PORT - HTTP_POLICY_VAR_VS_IP - HTTP_POLICY_VAR_HTTP_HDR - HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT - HTTP_POLICY_VAR_SSL_CLIENT_SERIAL - HTTP_POLICY_VAR_SSL_CLIENT_ISSUER - HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT - HTTP_POLICY_VAR_SSL_CLIENT_RAW - HTTP_POLICY_VAR_SSL_PROTOCOL - HTTP_POLICY_VAR_SSL_SERVER_NAME - HTTP_POLICY_VAR_USER_NAME - HTTP_POLICY_VAR_SSL_CIPHER - HTTP_POLICY_VAR_REQUEST_ID - HTTP_POLICY_VAR_SSL_CLIENT_VERSION - HTTP_POLICY_VAR_SSL_CLIENT_SIGALG - HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDBEFORE - HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDAFTER type: string title: |- SSLClientRequestHeader type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLKeyAndCertificate: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ca_certs: description: |- CA certificates in certificate chain. items: $ref: '#/definitions/ALBCertificateAuthority' title: |- Ca certs type: array certificate: $ref: '#/definitions/ALBSSLCertificate' certificate_base64: default: false description: | States if the certificate is base64 encoded. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Certificate base64 type: boolean created_by: description: |- Creator name. title: |- Created by type: string dynamic_params: description: | Dynamic parameters needed for certificate management profile. items: $ref: '#/definitions/ALBCustomParams' title: |- Dynamic params type: array enable_ocsp_stapling: default: false description: | Enables OCSP Stapling. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable ocsp stapling type: boolean enckey_base64: description: | Encrypted private key corresponding to the private key (e.g. those generated by an HSM such as Thales nShield). title: |- Enckey base64 type: string enckey_name: description: | Name of the encrypted private key (e.g. those generated by an HSM such as Thales nShield). title: |- Enckey name type: string format: default: SSL_PEM description: | Format of the Key/Certificate file. Enum options - SSL_PEM, SSL_PKCS12. Default value when not specified in API or module is interpreted by ALB Controller as SSL_PEM. enum: - SSL_PEM - SSL_PKCS12 type: string hardwaresecuritymodulegroup_path: description: | It is a reference to an object of type HardwareSecurityModuleGroup. title: |- Hardwaresecuritymodulegroup path type: string key: description: |- Private key. title: |- Key type: string key_base64: default: false description: | States if the private key is base64 encoded. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Key base64 type: boolean key_params: $ref: '#/definitions/ALBSSLKeyParams' key_passphrase: description: |- Passphrase used to encrypt the private key. title: |- Key passphrase type: string markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array ocsp_config: $ref: '#/definitions/ALBOCSPConfig' status: default: SSL_CERTIFICATE_FINISHED description: | Enum options - SSL_CERTIFICATE_FINISHED, SSL_CERTIFICATE_PENDING. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CERTIFICATE_FINISHED. enum: - SSL_CERTIFICATE_FINISHED - SSL_CERTIFICATE_PENDING type: string type: description: | Enum options - SSL_CERTIFICATE_TYPE_VIRTUALSERVICE, SSL_CERTIFICATE_TYPE_SYSTEM, SSL_CERTIFICATE_TYPE_CA. enum: - SSL_CERTIFICATE_TYPE_VIRTUALSERVICE - SSL_CERTIFICATE_TYPE_SYSTEM - SSL_CERTIFICATE_TYPE_CA type: string required: - certificate type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer SSLKeyAndCertificate object title: |- SSLKeyAndCertificate x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLKeyAndCertificateApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of SSLKeyAndCertificate items: $ref: '#/definitions/ALBSSLKeyAndCertificate' title: |- Array of SSLKeyAndCertificate type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | SSLKeyAndCertificateApiResponse title: |- SSLKeyAndCertificateApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLKeyECParams: description: |- Advanced load balancer SSLKeyECParams object properties: curve: default: SSL_KEY_EC_CURVE_SECP256R1 description: | Enum options - SSL_KEY_EC_CURVE_SECP256R1, SSL_KEY_EC_CURVE_SECP384R1, SSL_KEY_EC_CURVE_SECP521R1. Default value when not specified in API or module is interpreted by ALB Controller as SSL_KEY_EC_CURVE_SECP256R1. enum: - SSL_KEY_EC_CURVE_SECP256R1 - SSL_KEY_EC_CURVE_SECP384R1 - SSL_KEY_EC_CURVE_SECP521R1 type: string title: |- SSLKeyECParams type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLKeyParams: description: |- Advanced load balancer SSLKeyParams object properties: algorithm: default: SSL_KEY_ALGORITHM_RSA description: | Enum options - SSL_KEY_ALGORITHM_RSA, SSL_KEY_ALGORITHM_EC. Default value when not specified in API or module is interpreted by ALB Controller as SSL_KEY_ALGORITHM_RSA. enum: - SSL_KEY_ALGORITHM_RSA - SSL_KEY_ALGORITHM_EC type: string ec_params: $ref: '#/definitions/ALBSSLKeyECParams' rsa_params: $ref: '#/definitions/ALBSSLKeyRSAParams' required: - algorithm title: |- SSLKeyParams type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLKeyRSAParams: description: |- Advanced load balancer SSLKeyRSAParams object properties: exponent: default: 65537 description: | Number of exponent. Default value when not specified in API or module is interpreted by ALB Controller as 65537. format: int64 title: |- Exponent type: integer key_size: default: SSL_KEY_2048_BITS description: | Enum options - SSL_KEY_1024_BITS, SSL_KEY_2048_BITS, SSL_KEY_3072_BITS, SSL_KEY_4096_BITS. Default value when not specified in API or module is interpreted by ALB Controller as SSL_KEY_2048_BITS. enum: - SSL_KEY_1024_BITS - SSL_KEY_2048_BITS - SSL_KEY_3072_BITS - SSL_KEY_4096_BITS type: string title: |- SSLKeyRSAParams type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: accepted_ciphers: default: AES:3DES:RC4 description: | Ciphers suites represented as defined by https //www.openssl.org/docs/apps/ciphers.html. Default value when not specified in API or module is interpreted by ALB Controller as AES:3DES:RC4. title: |- Accepted ciphers type: string accepted_versions: description: | Set of versions accepted by the server. Minimum of 1 items required. items: $ref: '#/definitions/ALBSSLVersion' title: |- Accepted versions type: array avi_tags: description: | Placeholder for description of property tags of obj type SSLProfile field type str type array. items: $ref: '#/definitions/ALBTag' title: |- Avi tags type: array cipher_enums: description: | Enum options - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_AES_256_GCM_SHA384... Allowed in Basic(Allowed values- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA) edition, Essentials(Allowed values- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA) edition, Enterprise edition. items: description: |- Valid ENUM values for ALBAcceptedCipherEnums enum: - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS_AES_256_GCM_SHA384 - TLS_CHACHA20_POLY1305_SHA256 - TLS_AES_128_GCM_SHA256 type: string title: |- Cipher enums type: array ciphersuites: default: TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256 description: | TLS 1.3 Ciphers suites represented as defined by U(https //www.openssl.org/docs/manmaster/man1/ciphers.html). Allowed in Basic edition, Essentials edition, Enterprise edition. Special default for Basic edition is TLS_AES_256_GCM_SHA384-TLS_AES_128_GCM_SHA256, Essentials edition is TLS_AES_256_GCM_SHA384-TLS_AES_128_GCM_SHA256, Enterprise is TLS_AES_256_GCM_SHA384-TLS_CHACHA20_POLY1305_SHA256-TLS_AES_128_GCM_SHA256. Default value when not specified in API or module is interpreted by ALB Controller as TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256. title: |- Ciphersuites type: string enable_early_data: default: false description: | Enable early data processing for TLS1.3 connections. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable early data type: boolean enable_ssl_session_reuse: default: true description: | Enable SSL session re-use. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable ssl session reuse type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array prefer_client_cipher_ordering: default: false description: | Prefer the SSL cipher ordering presented by the client during the SSL handshake over the one specified in the SSL Profile. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Prefer client cipher ordering type: boolean send_close_notify: default: true description: | Send 'close notify' alert message for a clean shutdown of the SSL connection. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Send close notify type: boolean ssl_rating: $ref: '#/definitions/ALBSSLRating' ssl_session_timeout: default: 86400 description: | The amount of time in seconds before an SSL session expires. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 86400. format: int64 title: |- Ssl session timeout type: integer type: default: SSL_PROFILE_TYPE_APPLICATION description: | SSL Profile Type. Enum options - SSL_PROFILE_TYPE_APPLICATION, SSL_PROFILE_TYPE_SYSTEM. Default value when not specified in API or module is interpreted by ALB Controller as SSL_PROFILE_TYPE_APPLICATION. enum: - SSL_PROFILE_TYPE_APPLICATION - SSL_PROFILE_TYPE_SYSTEM type: string required: - accepted_versions type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer SSLProfile object title: |- SSLProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLProfileApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of SSLProfile items: $ref: '#/definitions/ALBSSLProfile' title: |- Array of SSLProfile type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | SSLProfileApiResponse title: |- SSLProfileApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLProfileSelector: description: |- Advanced load balancer SSLProfileSelector object properties: client_ip_list: $ref: '#/definitions/ALBIpAddrMatch' ssl_profile_path: description: | SSL profile for the client IP addresses listed. It is a reference to an object of type SSLProfile. title: |- Ssl profile path type: string required: - client_ip_list - ssl_profile_path title: |- SSLProfileSelector type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLRating: description: |- Advanced load balancer SSLRating object properties: compatibility_rating: description: | Enum options - SSL_SCORE_NOT_SECURE, SSL_SCORE_VERY_BAD, SSL_SCORE_BAD, SSL_SCORE_AVERAGE, SSL_SCORE_GOOD, SSL_SCORE_EXCELLENT. enum: - SSL_SCORE_NOT_SECURE - SSL_SCORE_VERY_BAD - SSL_SCORE_BAD - SSL_SCORE_AVERAGE - SSL_SCORE_GOOD - SSL_SCORE_EXCELLENT type: string performance_rating: description: | Enum options - SSL_SCORE_NOT_SECURE, SSL_SCORE_VERY_BAD, SSL_SCORE_BAD, SSL_SCORE_AVERAGE, SSL_SCORE_GOOD, SSL_SCORE_EXCELLENT. enum: - SSL_SCORE_NOT_SECURE - SSL_SCORE_VERY_BAD - SSL_SCORE_BAD - SSL_SCORE_AVERAGE - SSL_SCORE_GOOD - SSL_SCORE_EXCELLENT type: string security_score: description: |- security_score of SSLRating. title: |- Security score type: string title: |- SSLRating type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSLVersion: description: |- Advanced load balancer SSLVersion object properties: type: default: SSL_VERSION_TLS1_1 description: | Enum options - SSL_VERSION_SSLV3, SSL_VERSION_TLS1, SSL_VERSION_TLS1_1, SSL_VERSION_TLS1_2, SSL_VERSION_TLS1_3. Allowed in Basic(Allowed values- SSL_VERSION_SSLV3,SSL_VERSION_TLS1,SSL_VERSION_TLS1_1,SSL_VERSION_TLS1_2) edition, Essentials(Allowed values- SSL_VERSION_SSLV3,SSL_VERSION_TLS1,SSL_VERSION_TLS1_1,SSL_VERSION_TLS1_2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as SSL_VERSION_TLS1_1. enum: - SSL_VERSION_SSLV3 - SSL_VERSION_TLS1 - SSL_VERSION_TLS1_1 - SSL_VERSION_TLS1_2 - SSL_VERSION_TLS1_3 type: string required: - type title: |- SSLVersion type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSOPolicy: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: authentication_policy: $ref: '#/definitions/ALBAuthenticationPolicy' authorization_policy: $ref: '#/definitions/ALBAuthorizationPolicy' markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array type: default: SSO_TYPE_SAML description: | SSO Policy Type. Enum options - SSO_TYPE_SAML, SSO_TYPE_PINGACCESS, SSO_TYPE_JWT. Default value when not specified in API or module is interpreted by ALB Controller as SSO_TYPE_SAML. enum: - SSO_TYPE_SAML - SSO_TYPE_PINGACCESS - SSO_TYPE_JWT type: string required: - authentication_policy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer SSOPolicy object title: |- SSOPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSSOPolicyApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of SSOPolicy items: $ref: '#/definitions/ALBSSOPolicy' title: |- Array of SSOPolicy type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | SSOPolicyApiResponse title: |- SSOPolicyApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSamlIdentityProviderSettings: description: |- Advanced load balancer SamlIdentityProviderSettings object properties: metadata: description: |- SAML IDP metadata. title: |- Metadata type: string title: |- SamlIdentityProviderSettings type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSamlServiceProviderNode: description: |- Advanced load balancer SamlServiceProviderNode object properties: entity_id: description: | Globally unique entityID for this node. Entity ID on the IDP should match this. title: |- Entity id type: string name: description: |- Refers to the Cluster name identifier (Virtual IP or FQDN). title: |- Name type: string signing_ssl_key_and_certificate_path: description: | Service Engines will use this SSL certificate to sign assertions going to the IdP. It is a reference to an object of type SSLKeyAndCertificate. title: |- Signing ssl key and certificate path type: string single_signon_url: description: |- Single Signon URL to be programmed on the IDP. title: |- Single signon url type: string required: - name title: |- SamlServiceProviderNode type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSamlServiceProviderSettings: description: |- Advanced load balancer SamlServiceProviderSettings object properties: fqdn: description: |- FQDN if entity type is DNS_FQDN . title: |- Fqdn type: string org_display_name: description: |- Service Provider Organization Display Name. title: |- Org display name type: string org_name: description: |- Service Provider Organization Name. title: |- Org name type: string org_url: description: |- Service Provider Organization URL. title: |- Org url type: string saml_entity_type: description: | Type of SAML endpoint. Enum options - AUTH_SAML_CLUSTER_VIP, AUTH_SAML_DNS_FQDN, AUTH_SAML_APP_VS. enum: - AUTH_SAML_CLUSTER_VIP - AUTH_SAML_DNS_FQDN - AUTH_SAML_APP_VS type: string sp_nodes: description: |- Service Provider node information. items: $ref: '#/definitions/ALBSamlServiceProviderNode' title: |- Sp nodes type: array tech_contact_email: description: |- Service Provider technical contact email. title: |- Tech contact email type: string tech_contact_name: description: |- Service Provider technical contact name. title: |- Tech contact name type: string title: |- SamlServiceProviderSettings type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSamlSettings: description: |- Advanced load balancer SamlSettings object properties: idp: $ref: '#/definitions/ALBSamlIdentityProviderSettings' sp: $ref: '#/definitions/ALBSamlServiceProviderSettings' required: - sp title: |- SamlSettings type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSecurityPolicy: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: dns_attacks: $ref: '#/definitions/ALBDnsAttacks' dns_policy_index: default: 0 description: | Index of the dns policy to use for the mitigation rules applied to the dns attacks. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Dns policy index type: integer markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array network_security_policy_index: default: 0 description: | Index of the network security policy to use for the mitigation rules applied to the attacks. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Network security policy index type: integer oper_mode: default: DETECTION description: | Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Enum options - DETECTION, MITIGATION. Default value when not specified in API or module is interpreted by ALB Controller as DETECTION. enum: - DETECTION - MITIGATION type: string type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer SecurityPolicy object title: |- SecurityPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSecurityPolicyApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of SecurityPolicy items: $ref: '#/definitions/ALBSecurityPolicy' title: |- Array of SecurityPolicy type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | SecurityPolicyApiResponse title: |- SecurityPolicyApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSensitiveFieldRule: description: |- Advanced load balancer SensitiveFieldRule object properties: action: default: LOG_FIELD_REMOVE description: | Action for the matched log field, for instance the matched field can be removed or masked off. Enum options - LOG_FIELD_REMOVE, LOG_FIELD_MASKOFF. Default value when not specified in API or module is interpreted by ALB Controller as LOG_FIELD_REMOVE. enum: - LOG_FIELD_REMOVE - LOG_FIELD_MASKOFF type: string enabled: default: false description: | Enable rule to match the sensitive fields. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enabled type: boolean index: description: |- Index of the rule. format: int64 title: |- Index type: integer match: $ref: '#/definitions/ALBStringMatch' name: description: |- Name of the rule. title: |- Name type: string title: |- SensitiveFieldRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSensitiveLogProfile: description: |- Advanced load balancer SensitiveLogProfile object properties: header_field_rules: description: |- Match sensitive header fields in HTTP application log. items: $ref: '#/definitions/ALBSensitiveFieldRule' title: |- Header field rules type: array uri_query_field_rules: description: | Match sensitive URI query params in HTTP application log. Query params from the URI are extracted and checked for matching sensitive parameter names. A successful match will mask the parameter values in accordance with this rule action. items: $ref: '#/definitions/ALBSensitiveFieldRule' title: |- Uri query field rules type: array waf_field_rules: description: |- Match sensitive WAF log fields in HTTP application log. items: $ref: '#/definitions/ALBSensitiveFieldRule' title: |- Waf field rules type: array title: |- SensitiveLogProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBServer: description: |- Advanced load balancer Server object properties: autoscaling_group_name: description: | Name of autoscaling group this server belongs to. Allowed in Essentials edition, Enterprise edition. title: |- Autoscaling group name type: string availability_zone: description: |- Availability-zone of the server VM. title: |- Availability zone type: string description: description: |- A description of the Server. title: |- Description type: string discovered_networks: description: | (internal-use) Discovered networks providing reachability for server IP. This field is used internally by Avi, not editable by the user. items: $ref: '#/definitions/ALBDiscoveredNetwork' title: |- Discovered networks type: array enabled: default: true description: | Enable, Disable or Graceful Disable determine if new or existing connections to the server are allowed. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enabled type: boolean external_orchestration_id: description: |- UID of server in external orchestration systems. title: |- External orchestration id type: string external_uuid: description: | UUID identifying VM in OpenStack and other external compute. title: |- External uuid type: string hostname: description: | DNS resolvable name of the server. May be used in place of the IP address. title: |- Hostname type: string ip: $ref: '#/definitions/ALBIpAddr' is_static: default: false description: | If statically learned. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is static type: boolean location: $ref: '#/definitions/ALBGeoLocation' mac_address: description: |- MAC address of server. title: |- Mac address type: string port: description: | Optionally specify the servers port number. This will override the pool's default server port attribute. Allowed values are 1-65535. Special values are 0- 'use backend port in pool'. format: int64 maximum: 65535 minimum: 0 title: |- Port type: integer prst_hdr_val: description: |- Header value for custom header persistence. title: |- Prst hdr val type: string ratio: default: 1 description: | Ratio of selecting eligible servers in the pool. Allowed values are 1-20. Default value when not specified in API or module is interpreted by ALB Controller as 1. format: int64 maximum: 20 minimum: 1 title: |- Ratio type: integer resolve_server_by_dns: default: false description: | Auto resolve server's IP using DNS name. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Resolve server by dns type: boolean rewrite_host_header: default: false description: | Rewrite incoming Host Header to server name. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Rewrite host header type: boolean server_node: description: | Hostname of the node where the server VM or container resides. title: |- Server node type: string verify_network: default: false description: | Verify server belongs to a discovered network or reachable via a discovered network. Verify reachable network isn't the OpenStack management network. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Verify network type: boolean required: - ip title: |- Server type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBServerAutoScalePolicy: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: delay_for_server_garbage_collection: default: 0 description: | Delay in minutes after which a down server will be removed from Pool. Value 0 disables this functionality. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Delay for server garbage collection type: integer intelligent_autoscale: default: false description: | Use Avi intelligent autoscale algorithm where autoscale is performed by comparing load on the pool against estimated capacity of all the servers. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Intelligent autoscale type: boolean intelligent_scalein_margin: default: 40 description: | Maximum extra capacity as percentage of load used by the intelligent scheme. Scalein is triggered when available capacity is more than this margin. Allowed values are 1-99. Default value when not specified in API or module is interpreted by ALB Controller as 40. format: int64 maximum: 99 minimum: 1 title: |- Intelligent scalein margin type: integer intelligent_scaleout_margin: default: 20 description: | Minimum extra capacity as percentage of load used by the intelligent scheme. Scaleout is triggered when available capacity is less than this margin. Allowed values are 1-99. Default value when not specified in API or module is interpreted by ALB Controller as 20. format: int64 maximum: 99 minimum: 1 title: |- Intelligent scaleout margin type: integer markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array max_scalein_adjustment_step: default: 1 description: | Maximum number of servers to scalein simultaneously. The actual number of servers to scalein is chosen such that target number of servers is always more than or equal to the min_size. Default value when not specified in API or module is interpreted by ALB Controller as 1. format: int64 title: |- Max scalein adjustment step type: integer max_scaleout_adjustment_step: default: 1 description: | Maximum number of servers to scaleout simultaneously. The actual number of servers to scaleout is chosen such that target number of servers is always less than or equal to the max_size. Default value when not specified in API or module is interpreted by ALB Controller as 1. format: int64 title: |- Max scaleout adjustment step type: integer max_size: description: | Maximum number of servers after scaleout. Allowed values are 0-400. format: int64 maximum: 400 minimum: 0 title: |- Max size type: integer min_size: description: | No scale-in happens once number of operationally up servers reach min_servers. Allowed values are 0-400. format: int64 maximum: 400 minimum: 0 title: |- Min size type: integer scalein_cooldown: default: 300 description: | Cooldown period during which no new scalein is triggered to allow previous scalein to successfully complete. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300. format: int64 title: |- Scalein cooldown type: integer scaleout_cooldown: default: 300 description: | Cooldown period during which no new scaleout is triggered to allow previous scaleout to successfully complete. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300. format: int64 title: |- Scaleout cooldown type: integer use_predicted_load: default: false description: | Use predicted load rather than current load. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Use predicted load type: boolean type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer ServerAutoScalePolicy object title: |- ServerAutoScalePolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBServerAutoScalePolicyApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of ServerAutoScalePolicy items: $ref: '#/definitions/ALBServerAutoScalePolicy' title: |- Array of ServerAutoScalePolicy type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | ServerAutoScalePolicyApiResponse title: |- ServerAutoScalePolicyApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBService: description: |- Advanced load balancer Service object properties: enable_http2: default: false description: | Enable HTTP2 on this port. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable http2 type: boolean enable_ssl: default: false description: | Enable SSL termination and offload for traffic from clients. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable ssl type: boolean override_application_profile_path: description: | Enable application layer specific features for the this specific service. It is a reference to an object of type ApplicationProfile. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Override application profile path type: string override_network_profile_path: description: | Override the network profile for this specific service port. It is a reference to an object of type NetworkProfile. title: |- Override network profile path type: string port: description: | The Virtual Service's port number. Allowed values are 0-65535. format: int64 maximum: 65535 minimum: 0 title: |- Port type: integer port_range_end: default: 0 description: | The end of the Virtual Service's port number range. Allowed values are 1-65535. Special values are 0- 'single port'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 65535 minimum: 0 title: |- Port range end type: integer required: - port title: |- Service type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBServicePoolSelector: description: |- Advanced load balancer ServicePoolSelector object properties: service_pool_group_path: description: |- It is a reference to an object of type PoolGroup. title: |- Service pool group path type: string service_pool_path: description: |- It is a reference to an object of type Pool. title: |- Service pool path type: string service_port: description: | Pool based destination port. Allowed values are 1-65535. format: int64 maximum: 65535 minimum: 1 title: |- Service port type: integer service_port_range_end: default: 0 description: | The end of the Service port number range. Allowed values are 1-65535. Special values are 0- 'single port'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 65535 minimum: 0 title: |- Service port range end type: integer service_protocol: description: | Destination protocol to match for the pool selection. If not specified, it will match any protocol. Enum options - PROTOCOL_TYPE_TCP_PROXY, PROTOCOL_TYPE_TCP_FAST_PATH, PROTOCOL_TYPE_UDP_FAST_PATH, PROTOCOL_TYPE_UDP_PROXY. enum: - PROTOCOL_TYPE_TCP_PROXY - PROTOCOL_TYPE_TCP_FAST_PATH - PROTOCOL_TYPE_UDP_FAST_PATH - PROTOCOL_TYPE_UDP_PROXY type: string required: - service_port title: |- ServicePoolSelector type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSidebandProfile: description: |- Advanced load balancer SidebandProfile object properties: ip: description: |- IP Address of the sideband server. items: $ref: '#/definitions/ALBIpAddr' title: |- Ip type: array sideband_max_request_body_size: default: 1024 description: | Maximum size of the request body that will be sent on the sideband. Allowed values are 0-16384. Unit is BYTES. Default value when not specified in API or module is interpreted by ALB Controller as 1024. format: int64 maximum: 16384 minimum: 0 title: |- Sideband max request body size type: integer title: |- SidebandProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBSipServiceApplicationProfile: description: |- Advanced load balancer SipServiceApplicationProfile object properties: transaction_timeout: default: 32 description: | SIP transaction timeout in seconds. Allowed values are 2-512. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 32. format: int64 maximum: 512 minimum: 2 title: |- Transaction timeout type: integer title: |- SipServiceApplicationProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBStreamingSyslogConfig: description: |- Advanced load balancer StreamingSyslogConfig object properties: facility: default: 16 description: | Facility value, as defined in RFC5424, must be between 0 and 23 inclusive. Allowed values are 0-23. Default value when not specified in API or module is interpreted by ALB Controller as 16. format: int64 maximum: 23 minimum: 0 title: |- Facility type: integer filtered_log_severity: default: 5 description: | Severity code, as defined in RFC5424, for filtered logs. This must be between 0 and 7 inclusive. Allowed values are 0-7. Default value when not specified in API or module is interpreted by ALB Controller as 5. format: int64 maximum: 7 minimum: 0 title: |- Filtered log severity type: integer hostname: default: AviVantage description: | String to use as the hostname in the syslog messages. This string can contain only printable ASCII characters (hex 21 to hex 7E; no space allowed). Default value when not specified in API or module is interpreted by ALB Controller as AviVantage. title: |- Hostname type: string non_significant_log_severity: default: 6 description: | Severity code, as defined in RFC5424, for non-significant logs. This must be between 0 and 7 inclusive. Allowed values are 0-7. Default value when not specified in API or module is interpreted by ALB Controller as 6. format: int64 maximum: 7 minimum: 0 title: |- Non significant log severity type: integer significant_log_severity: default: 4 description: | Severity code, as defined in RFC5424, for significant logs. This must be between 0 and 7 inclusive. Allowed values are 0-7. Default value when not specified in API or module is interpreted by ALB Controller as 4. format: int64 maximum: 7 minimum: 0 title: |- Significant log severity type: integer title: |- StreamingSyslogConfig type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBStringGroup: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: kv: description: |- Configure Key Value in the string group. items: $ref: '#/definitions/ALBKeyValue' title: |- Kv type: array longest_match: default: false description: | Enable the longest match, default is the shortest match. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Longest match type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array type: default: SG_TYPE_STRING description: | Type of StringGroup. Enum options - SG_TYPE_STRING, SG_TYPE_KEYVAL. Default value when not specified in API or module is interpreted by ALB Controller as SG_TYPE_STRING. enum: - SG_TYPE_STRING - SG_TYPE_KEYVAL type: string required: - type type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer StringGroup object title: |- StringGroup x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBStringGroupApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of StringGroup items: $ref: '#/definitions/ALBStringGroup' title: |- Array of StringGroup type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | StringGroupApiResponse title: |- StringGroupApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBStringMatch: description: |- Advanced load balancer StringMatch object properties: match_criteria: description: | Criterion to use for string matching the HTTP request. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition. enum: - BEGINS_WITH - DOES_NOT_BEGIN_WITH - CONTAINS - DOES_NOT_CONTAIN - ENDS_WITH - DOES_NOT_END_WITH - EQUALS - DOES_NOT_EQUAL - REGEX_MATCH - REGEX_DOES_NOT_MATCH type: string match_str: description: |- String value(s). items: type: string title: |- Match str type: array string_group_paths: description: | path of the string group(s). It is a reference to an object of type StringGroup. items: type: string title: |- String group paths type: array required: - match_criteria title: |- StringMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBTCPApplicationProfile: description: |- Advanced load balancer TCPApplicationProfile object properties: pki_profile_path: description: | Select the PKI profile to be associated with the Virtual Service. This profile defines the Certificate Authority and Revocation List. It is a reference to an object of type PKIProfile. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Pki profile path type: string proxy_protocol_enabled: default: false description: | Enable/Disable the usage of proxy protocol to convey client connection information to the back-end servers. Valid only for L4 application profiles and TCP proxy. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Proxy protocol enabled type: boolean proxy_protocol_version: default: PROXY_PROTOCOL_VERSION_1 description: | Version of proxy protocol to be used to convey client connection information to the back-end servers. Enum options - PROXY_PROTOCOL_VERSION_1, PROXY_PROTOCOL_VERSION_2. Allowed in Basic(Allowed values- PROXY_PROTOCOL_VERSION_1) edition, Essentials(Allowed values- PROXY_PROTOCOL_VERSION_1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as PROXY_PROTOCOL_VERSION_1. enum: - PROXY_PROTOCOL_VERSION_1 - PROXY_PROTOCOL_VERSION_2 type: string ssl_client_certificate_mode: default: SSL_CLIENT_CERTIFICATE_NONE description: | Specifies whether the client side verification is set to none, request or require. Enum options - SSL_CLIENT_CERTIFICATE_NONE, SSL_CLIENT_CERTIFICATE_REQUEST, SSL_CLIENT_CERTIFICATE_REQUIRE. Allowed in Basic(Allowed values- SSL_CLIENT_CERTIFICATE_NONE) edition, Essentials(Allowed values- SSL_CLIENT_CERTIFICATE_NONE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CLIENT_CERTIFICATE_NONE. enum: - SSL_CLIENT_CERTIFICATE_NONE - SSL_CLIENT_CERTIFICATE_REQUEST - SSL_CLIENT_CERTIFICATE_REQUIRE type: string title: |- TCPApplicationProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBTCPFastPathProfile: description: |- Advanced load balancer TCPFastPathProfile object properties: dsr_profile: $ref: '#/definitions/ALBDsrProfile' enable_syn_protection: default: false description: | When enabled, Avi will complete the 3-way handshake with the client before forwarding any packets to the server. This will protect the server from SYN flood and half open SYN connections. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable syn protection type: boolean session_idle_timeout: default: 300 description: | The amount of time (in sec) for which a connection needs to be idle before it is eligible to be deleted. Allowed values are 5-14400. Special values are 0 - 'infinite'. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300. format: int64 maximum: 14400 minimum: 0 title: |- Session idle timeout type: integer title: |- TCPFastPathProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBTCPProxyProfile: description: |- Advanced load balancer TCPProxyProfile object properties: aggressive_congestion_avoidance: default: false description: | Controls the our congestion window to send, normally it's 1 mss, If this option is turned on, we use 10 msses. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Aggressive congestion avoidance type: boolean auto_window_growth: default: true description: | Controls whether the windows are static or supports autogrowth. Maximum that it can grow to is limited to 4MB. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Auto window growth type: boolean automatic: default: true description: | Dynamically pick the relevant parameters for connections. Allowed in Basic(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Automatic type: boolean cc_algo: default: CC_ALGO_NEW_RENO description: | Controls the congestion control algorithm we use. Enum options - CC_ALGO_NEW_RENO, CC_ALGO_CUBIC, CC_ALGO_HTCP. Default value when not specified in API or module is interpreted by ALB Controller as CC_ALGO_NEW_RENO. enum: - CC_ALGO_NEW_RENO - CC_ALGO_CUBIC - CC_ALGO_HTCP type: string congestion_recovery_scaling_factor: default: 2 description: | Congestion window scaling factor after recovery. Allowed values are 0-8. Default value when not specified in API or module is interpreted by ALB Controller as 2. format: int64 maximum: 8 minimum: 0 title: |- Congestion recovery scaling factor type: integer idle_connection_timeout: default: 600 description: | The duration for keepalive probes or session idle timeout. Max value is 3600 seconds, min is 5. Set to 0 to allow infinite idle time. Allowed values are 5-14400. Special values are 0 - 'infinite'. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 600. format: int64 maximum: 14400 minimum: 0 title: |- Idle connection timeout type: integer idle_connection_type: default: KEEP_ALIVE description: | Controls the behavior of idle connections. Enum options - KEEP_ALIVE, CLOSE_IDLE. Default value when not specified in API or module is interpreted by ALB Controller as KEEP_ALIVE. enum: - KEEP_ALIVE - CLOSE_IDLE type: string ignore_time_wait: default: false description: | A new SYN is accepted from the same 4-tuple even if there is already a connection in TIME_WAIT state. This is equivalent of setting Time Wait Delay to 0. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Ignore time wait type: boolean ip_dscp: default: 0 description: | Controls the value of the Differentiated Services Code Point field inserted in the IP header. This has two options Set to a specific value, or Pass Through, which uses the incoming DSCP value. Allowed values are 0-63. Special values are MAX - 'Passthrough'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 63 minimum: 0 title: |- Ip dscp type: integer keepalive_in_halfclose_state: default: true description: | Controls whether to keep the connection alive with keepalive messages in the TCP half close state. The interval for sending keepalive messages is 30s. If a timeout is already configured in the network profile, this will not override it. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Keepalive in halfclose state type: boolean max_retransmissions: default: 8 description: | The number of attempts at retransmit before closing the connection. Allowed values are 3-8. Default value when not specified in API or module is interpreted by ALB Controller as 8. format: int64 maximum: 8 minimum: 3 title: |- Max retransmissions type: integer max_segment_size: description: | Maximum TCP segment size. Allowed values are 512-9000. Special values are 0 - 'Use Interface MTU'. Unit is BYTES. format: int64 maximum: 9000 minimum: 0 title: |- Max segment size type: integer max_syn_retransmissions: default: 8 description: | The maximum number of attempts at retransmitting a SYN packet before giving up. Allowed values are 3-8. Default value when not specified in API or module is interpreted by ALB Controller as 8. format: int64 maximum: 8 minimum: 3 title: |- Max syn retransmissions type: integer min_rexmt_timeout: description: | The minimum wait time (in millisec) to retransmit packet. Allowed values are 50-5000. Unit is MILLISECONDS. format: int64 maximum: 5000 minimum: 50 title: |- Min rexmt timeout type: integer nagles_algorithm: default: false description: | Consolidates small data packets to send clients fewer but larger packets. Adversely affects real time protocols such as telnet or SSH. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Nagles algorithm type: boolean reassembly_queue_size: default: 0 description: | Maximum number of TCP segments that can be queued for reassembly. Configuring this to 0 disables the feature and provides unlimited queuing. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 title: |- Reassembly queue size type: integer receive_window: default: 64 description: | Size of the receive window. Allowed values are 2-65536. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 64. format: int64 maximum: 65536 minimum: 2 title: |- Receive window type: integer reorder_threshold: description: | Controls the number of duplicate acks required to trigger retransmission. Setting a higher value reduces retransmission caused by packet reordering. A larger value is recommended in public cloud environments where packet reordering is quite common. The default value is 8 in public cloud platforms (AWS, Azure, GCP), and 3 in other environments. Allowed values are 1-100. format: int64 maximum: 100 minimum: 1 title: |- Reorder threshold type: integer slow_start_scaling_factor: default: 1 description: | Congestion window scaling factor during slow start. Allowed values are 0-8. Default value when not specified in API or module is interpreted by ALB Controller as 1. format: int64 maximum: 8 minimum: 0 title: |- Slow start scaling factor type: integer time_wait_delay: default: 2000 description: | The time (in millisec) to wait before closing a connection in the TIME_WAIT state. Allowed values are 500-2000. Special values are 0 - 'immediate'. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 2000. format: int64 maximum: 2000 minimum: 0 title: |- Time wait delay type: integer use_interface_mtu: default: true description: | Use the interface MTU to calculate the TCP max segment size. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Use interface mtu type: boolean title: |- TCPProxyProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBTacacsPlusAuthSettings: description: |- Advanced load balancer TacacsPlusAuthSettings object properties: authorization_attrs: description: |- TACACS+ authorization attribute value pairs. items: $ref: '#/definitions/ALBAuthTacacsPlusAttributeValuePair' title: |- Authorization attrs type: array password: description: |- TACACS+ server shared secret. title: |- Password type: string port: default: 49 description: | TACACS+ server listening port. Default value when not specified in API or module is interpreted by ALB Controller as 49. format: int64 title: |- Port type: integer server: description: | TACACS+ server IP address or FQDN. Minimum of 1 items required. items: type: string title: |- Server type: array service: default: AUTH_TACACS_PLUS_SERVICE_LOGIN description: | TACACS+ service. Enum options - AUTH_TACACS_PLUS_SERVICE_NONE, AUTH_TACACS_PLUS_SERVICE_LOGIN, AUTH_TACACS_PLUS_SERVICE_ENABLE, AUTH_TACACS_PLUS_SERVICE_PPP, AUTH_TACACS_PLUS_SERVICE_ARAP, AUTH_TACACS_PLUS_SERVICE_PT, AUTH_TACACS_PLUS_SERVICE_RCMD, AUTH_TACACS_PLUS_SERVICE_X25, AUTH_TACACS_PLUS_SERVICE_NASI, AUTH_TACACS_PLUS_SERVICE_FWPROXY. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_TACACS_PLUS_SERVICE_LOGIN. enum: - AUTH_TACACS_PLUS_SERVICE_NONE - AUTH_TACACS_PLUS_SERVICE_LOGIN - AUTH_TACACS_PLUS_SERVICE_ENABLE - AUTH_TACACS_PLUS_SERVICE_PPP - AUTH_TACACS_PLUS_SERVICE_ARAP - AUTH_TACACS_PLUS_SERVICE_PT - AUTH_TACACS_PLUS_SERVICE_RCMD - AUTH_TACACS_PLUS_SERVICE_X25 - AUTH_TACACS_PLUS_SERVICE_NASI - AUTH_TACACS_PLUS_SERVICE_FWPROXY type: string required: - server title: |- TacacsPlusAuthSettings type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBTag: description: |- Advanced load balancer Tag object properties: type: default: USER_DEFINED description: | Enum options - AVI_DEFINED, USER_DEFINED, VCENTER_DEFINED. Default value when not specified in API or module is interpreted by ALB Controller as USER_DEFINED. enum: - AVI_DEFINED - USER_DEFINED - VCENTER_DEFINED type: string value: description: |- value of Tag. title: |- Value type: string required: - value title: |- Tag type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBTrafficCloneProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: clone_servers: description: |- Maximum of 10 items allowed. items: $ref: '#/definitions/ALBCloneServer' title: |- Clone servers type: array cloud_name: description: |- It is a reference to an object of type Cloud. title: |- Cloud name type: string markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array preserve_client_ip: default: false description: | Specifies if client IP needs to be preserved to clone destination. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Preserve client ip type: boolean type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer TrafficCloneProfile object title: |- TrafficCloneProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBTrafficCloneProfileApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of TrafficCloneProfile items: $ref: '#/definitions/ALBTrafficCloneProfile' title: |- Array of TrafficCloneProfile type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | TrafficCloneProfileApiResponse title: |- TrafficCloneProfileApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBUDPFastPathProfile: description: |- Advanced load balancer UDPFastPathProfile object properties: dsr_profile: $ref: '#/definitions/ALBDsrProfile' per_pkt_loadbalance: default: false description: | When enabled, every UDP packet is considered a new transaction and may be load balanced to a different server. When disabled, packets from the same client source IP and port are sent to the same server. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Per pkt loadbalance type: boolean session_idle_timeout: default: 10 description: | The amount of time (in sec) for which a flow needs to be idle before it is deleted. Allowed values are 2-3600. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10. format: int64 maximum: 3600 minimum: 2 title: |- Session idle timeout type: integer snat: default: true description: | When disabled, Source NAT will not be performed for all client UDP packets. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Snat type: boolean title: |- UDPFastPathProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBUDPProxyProfile: description: |- Advanced load balancer UDPProxyProfile object properties: session_idle_timeout: default: 10 description: | The amount of time (in sec) for which a flow needs to be idle before it is deleted. Allowed values are 2-3600. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10. format: int64 maximum: 3600 minimum: 2 title: |- Session idle timeout type: integer title: |- UDPProxyProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBURIParam: description: |- Advanced load balancer URIParam object properties: tokens: description: | Token config either for the URI components or a constant string. Minimum of 1 items required. items: $ref: '#/definitions/ALBURIParamToken' title: |- Tokens type: array type: description: | URI param type. Enum options - URI_PARAM_TYPE_TOKENIZED. enum: - URI_PARAM_TYPE_TOKENIZED type: string required: - tokens - type title: |- URIParam type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBURIParamQuery: description: |- Advanced load balancer URIParamQuery object properties: add_string: description: | Concatenate a string to the query of the incoming request URI and then use it in the request URI going to the backend server. title: |- Add string type: string keep_query: default: true description: | Use or drop the query of the incoming request URI in the request URI to the backend server. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Keep query type: boolean title: |- URIParamQuery type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBURIParamToken: description: |- Advanced load balancer URIParamToken object properties: end_index: description: | Index of the ending token in the incoming URI. Allowed values are 0-65534. Special values are 65535 - 'end of string'. format: int64 maximum: 65535 minimum: 0 title: |- End index type: integer start_index: description: |- Index of the starting token in the incoming URI. format: int64 title: |- Start index type: integer str_value: description: |- Constant string to use as a token. title: |- Str value type: string type: description: | Token type for constructing the URI. Enum options - URI_TOKEN_TYPE_HOST, URI_TOKEN_TYPE_PATH, URI_TOKEN_TYPE_STRING, URI_TOKEN_TYPE_STRING_GROUP, URI_TOKEN_TYPE_REGEX. enum: - URI_TOKEN_TYPE_HOST - URI_TOKEN_TYPE_PATH - URI_TOKEN_TYPE_STRING - URI_TOKEN_TYPE_STRING_GROUP - URI_TOKEN_TYPE_REGEX type: string required: - type title: |- URIParamToken type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBVSDataScript: description: |- Advanced load balancer VSDataScript object properties: evt: description: | Event triggering execution of datascript. Enum options - VS_DATASCRIPT_EVT_HTTP_REQ, VS_DATASCRIPT_EVT_HTTP_RESP, VS_DATASCRIPT_EVT_HTTP_RESP_DATA, VS_DATASCRIPT_EVT_HTTP_LB_FAILED, VS_DATASCRIPT_EVT_HTTP_REQ_DATA, VS_DATASCRIPT_EVT_HTTP_RESP_FAILED, VS_DATASCRIPT_EVT_HTTP_LB_DONE, VS_DATASCRIPT_EVT_HTTP_AUTH, VS_DATASCRIPT_EVT_HTTP_POST_AUTH, VS_DATASCRIPT_EVT_TCP_CLIENT_ACCEPT, VS_DATASCRIPT_EVT_SSL_HANDSHAKE_DONE, VS_DATASCRIPT_EVT_DNS_REQ, VS_DATASCRIPT_EVT_DNS_RESP, VS_DATASCRIPT_EVT_L4_REQUEST, VS_DATASCRIPT_EVT_L4_RESPONSE, VS_DATASCRIPT_EVT_MAX. Allowed in Basic(Allowed values- VS_DATASCRIPT_EVT_HTTP_REQ) edition, Enterprise edition. enum: - VS_DATASCRIPT_EVT_HTTP_REQ - VS_DATASCRIPT_EVT_HTTP_RESP - VS_DATASCRIPT_EVT_HTTP_RESP_DATA - VS_DATASCRIPT_EVT_HTTP_LB_FAILED - VS_DATASCRIPT_EVT_HTTP_REQ_DATA - VS_DATASCRIPT_EVT_HTTP_RESP_FAILED - VS_DATASCRIPT_EVT_HTTP_LB_DONE - VS_DATASCRIPT_EVT_HTTP_AUTH - VS_DATASCRIPT_EVT_HTTP_POST_AUTH - VS_DATASCRIPT_EVT_TCP_CLIENT_ACCEPT - VS_DATASCRIPT_EVT_SSL_HANDSHAKE_DONE - VS_DATASCRIPT_EVT_DNS_REQ - VS_DATASCRIPT_EVT_DNS_RESP - VS_DATASCRIPT_EVT_L4_REQUEST - VS_DATASCRIPT_EVT_L4_RESPONSE - VS_DATASCRIPT_EVT_MAX type: string script: description: |- Datascript to execute when the event triggers. title: |- Script type: string required: - evt - script title: |- VSDataScript type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBVSDataScriptSet: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: created_by: description: |- Creator name. title: |- Created by type: string datascript: description: |- DataScripts to execute. items: $ref: '#/definitions/ALBVSDataScript' title: |- Datascript type: array ipgroup_paths: description: | path of IP Groups that could be referred by VSDataScriptSet objects. It is a reference to an object of type IpAddrGroup. items: type: string title: |- Ipgroup paths type: array markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array pool_group_paths: description: | path of pool groups that could be referred by VSDataScriptSet objects. It is a reference to an object of type PoolGroup. items: type: string title: |- Pool group paths type: array pool_paths: description: | path of pools that could be referred by VSDataScriptSet objects. It is a reference to an object of type Pool. items: type: string title: |- Pool paths type: array protocol_parser_paths: description: | List of protocol parsers that could be referred by VSDataScriptSet objects. It is a reference to an object of type ProtocolParser. Allowed in Basic edition, Essentials edition, Enterprise edition. items: type: string title: |- Protocol parser paths type: array rate_limiters: description: | The Rate Limit definitions needed for this DataScript. The name is composed of the Virtual Service name and the DataScript name. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRateLimiter' title: |- Rate limiters type: array string_group_paths: description: | path of String Groups that could be referred by VSDataScriptSet objects. It is a reference to an object of type StringGroup. items: type: string title: |- String group paths type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer VSDataScriptSet object title: |- VSDataScriptSet x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBVSDataScriptSetApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of VSDataScriptSet items: $ref: '#/definitions/ALBVSDataScriptSet' title: |- Array of VSDataScriptSet type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | VSDataScriptSetApiResponse title: |- VSDataScriptSetApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBVSDataScripts: description: |- Advanced load balancer VSDataScripts object properties: index: description: |- Index of the virtual service datascript collection. format: int64 title: |- Index type: integer vs_datascript_set_path: description: | path of the virtual service datascript collection. It is a reference to an object of type VSDataScriptSet. title: |- Vs datascript set path type: string required: - index - vs_datascript_set_path title: |- VSDataScripts type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBVip: description: |- Advanced load balancer Vip object properties: auto_allocate_floating_ip: default: false description: | Auto-allocate floating/elastic IP from the Cloud infrastructure. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Auto allocate floating ip type: boolean auto_allocate_ip: default: false description: | Auto-allocate VIP from the provided subnet. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Auto allocate ip type: boolean auto_allocate_ip_type: default: V4_ONLY description: | Specifies whether to auto-allocate only a V4 address, only a V6 address, or one of each type. Enum options - V4_ONLY, V6_ONLY, V4_V6. Allowed in Basic(Allowed values- V4_ONLY) edition, Essentials(Allowed values- V4_ONLY) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as V4_ONLY. enum: - V4_ONLY - V6_ONLY - V4_V6 type: string availability_zone: description: | Availability-zone to place the Virtual Service. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Availability zone type: string avi_allocated_fip: default: false description: | (internal-use) FIP allocated by Avi in the Cloud infrastructure. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Avi allocated fip type: boolean avi_allocated_vip: default: false description: | (internal-use) VIP allocated by Avi in the Cloud infrastructure. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Avi allocated vip type: boolean discovered_networks: description: | Discovered networks providing reachability for client facing Vip IP. items: $ref: '#/definitions/ALBDiscoveredNetwork' title: |- Discovered networks type: array enabled: default: true description: | Enable or disable the Vip. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enabled type: boolean floating_ip: $ref: '#/definitions/ALBIpAddr' floating_ip6: $ref: '#/definitions/ALBIpAddr' floating_subnet6_uuid: description: | If auto_allocate_floating_ip is True and more than one floating-ip subnets exist, then the subnet for the floating IPv6 address allocation. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Floating subnet6 uuid type: string floating_subnet_uuid: description: | If auto_allocate_floating_ip is True and more than one floating-ip subnets exist, then the subnet for the floating IP address allocation. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Floating subnet uuid type: string ip6_address: $ref: '#/definitions/ALBIpAddr' ip_address: $ref: '#/definitions/ALBIpAddr' ipam_network_subnet: $ref: '#/definitions/ALBIPNetworkSubnet' network_name: description: | Manually override the network on which the Vip is placed. It is a reference to an object of type Network. title: |- Network name type: string placement_networks: description: | Placement networks/subnets to use for vip placement. Maximum of 10 items allowed. items: $ref: '#/definitions/ALBVipPlacementNetwork' title: |- Placement networks type: array port_uuid: description: |- (internal-use) Network port assigned to the Vip IP address. title: |- Port uuid type: string prefix_length: default: 32 description: | Mask applied for the Vip, non-default mask supported only for wildcard Vip. Allowed values are 0-32. Allowed in Basic(Allowed values- 32) edition, Essentials(Allowed values- 32) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 32. format: int64 maximum: 32 minimum: 0 title: |- Prefix length type: integer subnet: $ref: '#/definitions/ALBIpAddrPrefix' subnet6: $ref: '#/definitions/ALBIpAddrPrefix' subnet6_uuid: description: | If auto_allocate_ip is True, then the subnet for the Vip IPv6 address allocation. This field is applicable only if the VirtualService belongs to an Openstack or AWS cloud, in which case it is mandatory, if auto_allocate is selected. Allowed in Essentials edition, Enterprise edition. title: |- Subnet6 uuid type: string subnet_uuid: description: | If auto_allocate_ip is True, then the subnet for the Vip IP address allocation. This field is applicable only if the VirtualService belongs to an Openstack or AWS cloud, in which case it is mandatory, if auto_allocate is selected. title: |- Subnet uuid type: string vip_id: description: |- Unique ID associated with the vip. title: |- Vip id type: string required: - vip_id title: |- Vip type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBVipPlacementNetwork: description: |- Advanced load balancer VipPlacementNetwork object properties: network_name: description: | Network to use for vip placement. It is a reference to an object of type Network. title: |- Network name type: string subnet: $ref: '#/definitions/ALBIpAddrPrefix' subnet6: $ref: '#/definitions/ALBIpAddrPrefix' title: |- VipPlacementNetwork type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBVirtualService: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: active_standby_se_tag: default: ACTIVE_STANDBY_SE_1 description: | This configuration only applies if the VirtualService is in Legacy Active Standby HA mode and Load Distribution among Active Standby is enabled. This field is used to tag the VirtualService so that VirtualServices with the same tag will share the same Active ServiceEngine. VirtualServices with different tags will have different Active ServiceEngines. If one of the ServiceEngine's in the ServiceEngineGroup fails, all VirtualServices will end up using the same Active ServiceEngine. Redistribution of the VirtualServices can be either manual or automated when the failed ServiceEngine recovers. Redistribution is based on the auto redistribute property of the ServiceEngineGroup. Enum options - ACTIVE_STANDBY_SE_1, ACTIVE_STANDBY_SE_2. Default value when not specified in API or module is interpreted by ALB Controller as ACTIVE_STANDBY_SE_1. enum: - ACTIVE_STANDBY_SE_1 - ACTIVE_STANDBY_SE_2 type: string advertise_down_vs: default: false description: | Keep advertising Virtual Service via BGP even if it is marked down by health monitor. This setting takes effect for future Virtual Service flaps. To advertise current VSes that are down, please disable and re-enable the Virtual Service. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Advertise down vs type: boolean allow_invalid_client_cert: default: false description: | Process request even if invalid client certificate is presented. Datascript APIs need to be used for processing of such requests. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Allow invalid client cert type: boolean analytics_policy: $ref: '#/definitions/ALBAnalyticsPolicy' analytics_profile_path: description: | Specifies settings related to analytics. It is a reference to an object of type AnalyticsProfile. title: |- Analytics profile path type: string apic_contract_graph: description: | The name of the Contract/Graph associated with the Virtual Service. Should be in the format. This is applicable only for Service Integration mode with Cisco APIC Controller. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Apic contract graph type: string application_profile_path: description: | Enable application layer specific features for the Virtual Service. It is a reference to an object of type ApplicationProfile. Special default for Essentials edition is System-L4-Application. title: |- Application profile path type: string azure_availability_set: description: | (internal-use)Applicable for Azure only. Azure Availability set to which this VS is associated. Internally set by the cloud connector. title: |- Azure availability set type: string bgp_peer_labels: description: | Select BGP peers, using peer label, for VsVip advertisement. Maximum of 128 items allowed. items: type: string title: |- Bgp peer labels type: array bulk_sync_kvcache: default: false description: | (This is a beta feature). Sync Key-Value cache to the new SEs when VS is scaled out. For ex SSL sessions are stored using VS's Key-Value cache. When the VS is scaled out, the SSL session information is synced to the new SE, allowing existing SSL sessions to be reused on the new SE. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Bulk sync kvcache type: boolean client_auth: $ref: '#/definitions/ALBHTTPClientAuthenticationParams' close_client_conn_on_config_update: default: false description: | close client connection on vs config update. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Close client conn on config update type: boolean cloud_config_cksum: description: | Checksum of cloud configuration for VS. Internally set by cloud connector. title: |- Cloud config cksum type: string cloud_name: description: |- It is a reference to an object of type Cloud. title: |- Cloud name type: string cloud_type: default: CLOUD_NONE description: | Enum options - CLOUD_NONE, CLOUD_VCENTER, CLOUD_OPENSTACK, CLOUD_AWS, CLOUD_VCA, CLOUD_APIC, CLOUD_MESOS, CLOUD_LINUXSERVER, CLOUD_DOCKER_UCP, CLOUD_RANCHER, CLOUD_OSHIFT_K8S, CLOUD_AZURE, CLOUD_GCP, CLOUD_NSXT. Allowed in Basic(Allowed values- CLOUD_NONE,CLOUD_NSXT) edition, Essentials(Allowed values- CLOUD_NONE,CLOUD_VCENTER) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as CLOUD_NONE. enum: - CLOUD_NONE - CLOUD_VCENTER - CLOUD_OPENSTACK - CLOUD_AWS - CLOUD_VCA - CLOUD_APIC - CLOUD_MESOS - CLOUD_LINUXSERVER - CLOUD_DOCKER_UCP - CLOUD_RANCHER - CLOUD_OSHIFT_K8S - CLOUD_AZURE - CLOUD_GCP - CLOUD_NSXT type: string connections_rate_limit: $ref: '#/definitions/ALBRateProfile' content_rewrite: $ref: '#/definitions/ALBContentRewriteProfile' created_by: description: |- Creator name. title: |- Created by type: string delay_fairness: default: false description: | Select the algorithm for QoS fairness. This determines how multiple Virtual Services sharing the same Service Engines will prioritize traffic over a congested network. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Delay fairness type: boolean dns_info: description: | Service discovery specific data including fully qualified domain name, type and Time-To-Live of the DNS record. Note that only one of fqdn and dns_info setting is allowed. Maximum of 1000 items allowed. items: $ref: '#/definitions/ALBDnsInfo' title: |- Dns info type: array dns_policies: description: | DNS Policies applied on the dns traffic of the Virtual Service. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBDnsPolicies' title: |- Dns policies type: array east_west_placement: default: false description: | Force placement on all SE's in service group (Mesos mode only). Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- East west placement type: boolean enable_autogw: default: false description: | Response traffic to clients will be sent back to the source MAC address of the connection, rather than statically sent to a default gateway. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable autogw type: boolean enable_rhi: description: | Enable Route Health Injection using the BGP Config in the vrf context. title: |- Enable rhi type: boolean enable_rhi_snat: description: | Enable Route Health Injection for Source NAT'ted floating IP Address using the BGP Config in the vrf context. title: |- Enable rhi snat type: boolean enabled: default: true description: | Enable or disable the Virtual Service. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enabled type: boolean error_page_profile_path: description: | Error Page Profile to be used for this virtualservice.This profile is used to send the custom error page to the client generated by the proxy. It is a reference to an object of type ErrorPageProfile. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Error page profile path type: string flow_dist: default: LOAD_AWARE description: | Criteria for flow distribution among SEs. Enum options - LOAD_AWARE, CONSISTENT_HASH_SOURCE_IP_ADDRESS, CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT. Allowed in Basic(Allowed values- LOAD_AWARE) edition, Essentials(Allowed values- LOAD_AWARE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LOAD_AWARE. enum: - LOAD_AWARE - CONSISTENT_HASH_SOURCE_IP_ADDRESS - CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT type: string flow_label_type: default: NO_LABEL description: | Criteria for flow labelling. Enum options - NO_LABEL, APPLICATION_LABEL, SERVICE_LABEL. Default value when not specified in API or module is interpreted by ALB Controller as NO_LABEL. enum: - NO_LABEL - APPLICATION_LABEL - SERVICE_LABEL type: string fqdn: description: | DNS resolvable, fully qualified domain name of the virtualservice. Only one of 'fqdn' and 'dns_info' configuration is allowed. title: |- Fqdn type: string group_paths: description: | A list of NSX Groups representing the Clients which can access the Virtual IP of the Virtual Service. items: type: string title: |- Group paths type: array host_name_xlate: description: | Translate the host name sent to the servers to this value. Translate the host name sent from servers back to the value used by the client. title: |- Host name xlate type: string http_policies: description: | HTTP Policies applied on the data traffic of the Virtual Service. items: $ref: '#/definitions/ALBHTTPPolicies' title: |- Http policies type: array ign_pool_net_reach: default: false description: | Ignore Pool servers network reachability constraints for Virtual Service placement. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Ign pool net reach type: boolean l4_policies: description: | L4 Policies applied to the data traffic of the Virtual Service. items: $ref: '#/definitions/ALBL4Policies' title: |- L4 policies type: array limit_doser: default: false description: | Limit potential DoS attackers who exceed max_cps_per_client significantly to a fraction of max_cps_per_client for a while. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Limit doser type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array max_cps_per_client: default: 0 description: | Maximum connections per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1000 minimum: 0 title: |- Max cps per client type: integer min_pools_up: description: |- Minimum number of UP pools to mark VS up. format: int64 title: |- Min pools up type: integer network_profile_path: description: | Determines network settings such as protocol, TCP or UDP, and related options for the protocol. It is a reference to an object of type NetworkProfile. Special default for Essentials edition is System-TCP-Fast-Path. title: |- Network profile path type: string network_security_policy_path: description: | Network security policies for the Virtual Service. It is a reference to an object of type NetworkSecurityPolicy. title: |- Network security policy path type: string performance_limits: $ref: '#/definitions/ALBPerformanceLimits' pool_group_path: description: | The pool group is an object that contains pools. It is a reference to an object of type PoolGroup. title: |- Pool group path type: string pool_path: description: | The pool is an object that contains destination servers and related attributes such as load-balancing and persistence. It is a reference to an object of type Pool. title: |- Pool path type: string remove_listening_port_on_vs_down: default: false description: | Remove listening port if VirtualService is down. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Remove listening port on vs down type: boolean requests_rate_limit: $ref: '#/definitions/ALBRateProfile' saml_sp_config: $ref: '#/definitions/ALBSAMLSPConfig' se_group_name: description: | The Service Engine Group to use for this Virtual Service. Moving to a new SE Group is disruptive to existing connections for this VS. It is a reference to an object of type ServiceEngineGroup. title: |- Se group name type: string security_policy_path: description: | Security policy applied on the traffic of the Virtual Service. This policy is used to perform security actions such as Distributed Denial of Service (DDoS) attack mitigation, etc. It is a reference to an object of type SecurityPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Security policy path type: string server_network_profile_path: description: | Determines the network settings profile for the server side of TCP proxied connections. Leave blank to use the same settings as the client to VS side of the connection. It is a reference to an object of type NetworkProfile. title: |- Server network profile path type: string service_metadata: description: | Metadata pertaining to the Service provided by this virtual service. In Openshift/Kubernetes environments, egress pod info is stored. Any user input to this field will be overwritten by Avi Vantage. title: |- Service metadata type: string service_pool_select: description: |- Select pool based on destination port. items: $ref: '#/definitions/ALBServicePoolSelector' title: |- Service pool select type: array services: description: | List of Services defined for this Virtual Service. Maximum of 2048 items allowed. items: $ref: '#/definitions/ALBService' title: |- Services type: array sideband_profile: $ref: '#/definitions/ALBSidebandProfile' snat_ip: description: | NAT'ted floating source IP Address(es) for upstream connection to servers. Maximum of 32 items allowed. items: $ref: '#/definitions/ALBIpAddr' title: |- Snat ip type: array sp_pool_paths: description: | GSLB pools used to manage site-persistence functionality. Each site-persistence pool contains the virtualservices in all the other sites, that is auto-generated by the GSLB manager. This is a read-only field for the user. It is a reference to an object of type Pool. items: type: string title: |- Sp pool paths type: array ssl_key_and_certificate_paths: description: | Select or create one or two certificates, EC and/or RSA, that will be presented to SSL/TLS terminated connections. It is a reference to an object of type SSLKeyAndCertificate. items: type: string title: |- Ssl key and certificate paths type: array ssl_profile_path: description: | Determines the set of SSL versions and ciphers to accept for SSL/TLS terminated connections. It is a reference to an object of type SSLProfile. title: |- Ssl profile path type: string ssl_profile_selectors: description: | Select SSL Profile based on client IP address match. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBSSLProfileSelector' title: |- Ssl profile selectors type: array ssl_sess_cache_avg_size: default: 1024 description: | Expected number of SSL session cache entries (may be exceeded). Allowed values are 1024-16383. Default value when not specified in API or module is interpreted by ALB Controller as 1024. format: int64 maximum: 16383 minimum: 1024 title: |- Ssl sess cache avg size type: integer sso_policy_path: description: | The SSO Policy attached to the virtualservice. It is a reference to an object of type SSOPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Sso policy path type: string static_dns_records: description: | List of static DNS records applied to this Virtual Service. These are static entries and no health monitoring is performed against the IP addresses. Maximum of 1000 items allowed. items: $ref: '#/definitions/ALBDnsRecord' title: |- Static dns records type: array topology_policies: description: | Topology Policies applied on the dns traffic of the Virtual Service based onGSLB Topology algorithm. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBDnsPolicies' title: |- Topology policies type: array traffic_clone_profile_path: description: | Server network or list of servers for cloning traffic. It is a reference to an object of type TrafficCloneProfile. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Traffic clone profile path type: string traffic_enabled: default: true description: | Knob to enable the Virtual Service traffic on its assigned service engines. This setting is effective only when the enabled flag is set to True. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Traffic enabled type: boolean type: default: VS_TYPE_NORMAL description: | Specify if this is a normal Virtual Service, or if it is the parent or child of an SNI-enabled virtual hosted Virtual Service. Enum options - VS_TYPE_NORMAL, VS_TYPE_VH_PARENT, VS_TYPE_VH_CHILD. Allowed in Basic(Allowed values- VS_TYPE_NORMAL,VS_TYPE_VH_PARENT) edition, Essentials(Allowed values- VS_TYPE_NORMAL) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as VS_TYPE_NORMAL. enum: - VS_TYPE_NORMAL - VS_TYPE_VH_PARENT - VS_TYPE_VH_CHILD type: string use_bridge_ip_as_vip: default: false description: | Use Bridge IP as VIP on each Host in Mesos deployments. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Use bridge ip as vip type: boolean use_vip_as_snat: default: false description: | Use the Virtual IP as the SNAT IP for health monitoring and sending traffic to the backend servers instead of the Service Engine interface IP. The caveat of enabling this option is that the VirtualService cannot be configured in an Active-Active HA mode. DNS based Multi VIP solution has to be used for HA & Non-disruptive Upgrade purposes. Allowed in Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Use vip as snat type: boolean vh_domain_name: description: | The exact name requested from the client's SNI-enabled TLS hello domain name field. If this is a match, the parent VS will forward the connection to this child VS. items: type: string title: |- Vh domain name type: array vh_parent_vs_uuid: description: | Specifies the Virtual Service acting as Virtual Hosting (SNI) parent. title: |- Vh parent vs uuid type: string vip: description: | List of Virtual Service IPs. While creating a 'Shared VS',please use vsvip_ref to point to the shared entities. items: $ref: '#/definitions/ALBVip' title: |- Vip type: array vrf_context_name: description: | Virtual Routing Context that the Virtual Service is bound to. This is used to provide the isolation of the set of networks the application is attached to. It is a reference to an object of type VrfContext. title: |- Vrf context name type: string vs_datascripts: description: | Datascripts applied on the data traffic of the Virtual Service. items: $ref: '#/definitions/ALBVSDataScripts' title: |- Vs datascripts type: array vsvip_path: description: | Mostly used during the creation of Shared VS, this field refers to entities that can be shared across Virtual Services. It is a reference to an object of type VsVip. title: |- Vsvip path type: string waf_policy_path: description: | WAF policy for the Virtual Service. It is a reference to an object of type WafPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Waf policy path type: string weight: default: 1 description: | The Quality of Service weight to assign to traffic transmitted from this Virtual Service. A higher weight will prioritize traffic versus other Virtual Services sharing the same Service Engines. Allowed values are 1-128. Allowed in Basic(Allowed values- 1) edition, Essentials(Allowed values- 1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1. format: int64 maximum: 128 minimum: 1 title: |- Weight type: integer type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer VirtualService object title: |- VirtualService x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBVirtualServiceApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of VirtualService items: $ref: '#/definitions/ALBVirtualService' title: |- Array of VirtualService type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | VirtualServiceApiResponse title: |- VirtualServiceApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBVsVip: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: bgp_peer_labels: description: | Select BGP peers, using peer label, for VsVip advertisement. Maximum of 128 items allowed. items: type: string title: |- Bgp peer labels type: array cloud_name: description: |- It is a reference to an object of type Cloud. title: |- Cloud name type: string dns_info: description: | Service discovery specific data including fully qualified domain name, type and Time-To-Live of the DNS record. Maximum of 1000 items allowed. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBDnsInfo' title: |- Dns info type: array east_west_placement: default: false description: | Force placement on all Service Engines in the Service Engine Group (Container clouds only). Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- East west placement type: boolean markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array tier1_path: description: | This sets the placement scope of virtualservice to given tier1 logical router in Nsx-t. title: |- Tier1 path type: string use_standard_alb: description: | This overrides the cloud level default and needs to match the SE Group value in which it will be used if the SE Group use_standard_alb value is set. This is only used when FIP is used for VS on Azure Cloud. Allowed in Basic edition, Essentials edition, Enterprise edition. title: |- Use standard alb type: boolean vip: description: |- List of Virtual Service IPs and other shareable entities. items: $ref: '#/definitions/ALBVip' title: |- Vip type: array vrf_context_name: description: | Virtual Routing Context that the Virtual Service is bound to. This is used to provide the isolation of the set of networks the application is attached to. It is a reference to an object of type VrfContext. title: |- Vrf context name type: string vsvip_cloud_config_cksum: description: | Checksum of cloud configuration for VsVip. Internally set by cloud connector. title: |- Vsvip cloud config cksum type: string type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer VsVip object title: |- VsVip x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBVsVipApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of VsVip items: $ref: '#/definitions/ALBVsVip' title: |- Array of VsVip type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | VsVipApiResponse title: |- VsVipApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafApplicationSignatures: description: |- Advanced load balancer WafApplicationSignatures object properties: rule_overrides: description: |- Override attributes of application signature rules. items: $ref: '#/definitions/ALBWafRuleOverrides' title: |- Rule overrides type: array ruleset_version: description: |- The version in use of the provided ruleset. title: |- Ruleset version type: string selected_applications: description: | List of applications for which we use the rules from the WafApplicationSignatureProvider. Maximum of 8 items allowed. items: type: string title: |- Selected applications type: array title: |- WafApplicationSignatures type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafCRS: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: groups: description: | WAF Rules are sorted in groups based on their characterization. Maximum of 64 items allowed. items: $ref: '#/definitions/ALBWafRuleGroup' title: |- Groups type: array integrity: description: |- Integrity protection value. title: |- Integrity type: string markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array release_date: description: | The release date of this version in RFC 3339 / ISO 8601 format. title: |- Release date type: string version: description: |- The version of this ruleset object. title: |- Version type: string required: - release_date - version - integrity type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer WafCRS object title: |- WafCRS x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafCRSApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of WafCRS items: $ref: '#/definitions/ALBWafCRS' title: |- Array of WafCRS type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | WafCRSApiResponse title: |- WafCRSApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafConfig: description: |- Advanced load balancer WafConfig object properties: allowed_http_versions: description: | WAF allowed HTTP Versions. Enum options - ZERO_NINE, ONE_ZERO, ONE_ONE, TWO_ZERO. Maximum of 8 items allowed. items: description: |- Valid ENUM values for ALBHTTPVersion enum: - ZERO_NINE - ONE_ZERO - ONE_ONE - TWO_ZERO type: string title: |- Allowed http versions type: array allowed_methods: description: | WAF allowed HTTP methods. Enum options - HTTP_METHOD_GET, HTTP_METHOD_HEAD, HTTP_METHOD_PUT, HTTP_METHOD_DELETE, HTTP_METHOD_POST, HTTP_METHOD_OPTIONS, HTTP_METHOD_TRACE, HTTP_METHOD_CONNECT, HTTP_METHOD_PATCH, HTTP_METHOD_PROPFIND, HTTP_METHOD_PROPPATCH, HTTP_METHOD_MKCOL, HTTP_METHOD_COPY, HTTP_METHOD_MOVE, HTTP_METHOD_LOCK, HTTP_METHOD_UNLOCK. items: description: |- Valid ENUM values for ALBHTTPMethod enum: - HTTP_METHOD_GET - HTTP_METHOD_HEAD - HTTP_METHOD_PUT - HTTP_METHOD_DELETE - HTTP_METHOD_POST - HTTP_METHOD_OPTIONS - HTTP_METHOD_TRACE - HTTP_METHOD_CONNECT - HTTP_METHOD_PATCH - HTTP_METHOD_PROPFIND - HTTP_METHOD_PROPPATCH - HTTP_METHOD_MKCOL - HTTP_METHOD_COPY - HTTP_METHOD_MOVE - HTTP_METHOD_LOCK - HTTP_METHOD_UNLOCK type: string title: |- Allowed methods type: array allowed_request_content_types: description: | WAF allowed Content Types. Maximum of 64 items allowed. items: type: string title: |- Allowed request content types type: array argument_separator: default: '&' description: | Argument seperator. Default value when not specified in API or module is interpreted by ALB Controller as &. title: |- Argument separator type: string client_request_max_body_size: default: 32 description: | Maximum size for the client request body scanned by WAF. Allowed values are 1-32768. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 32. format: int64 maximum: 32768 minimum: 1 title: |- Client request max body size type: integer cookie_format_version: default: 0 description: | 0 For Netscape Cookies. 1 For version 1 cookies. Allowed values are 0-1. Default value when not specified in API or module is interpreted by ALB Controller as 0. format: int64 maximum: 1 minimum: 0 title: |- Cookie format version type: integer ignore_incomplete_request_body_error: default: true description: | Ignore request body parsing errors due to partial scanning. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Ignore incomplete request body error type: boolean max_execution_time: default: 50 description: | The maximum period of time WAF processing is allowed to take for a single request. A value of 0 (zero) means no limit and should not be chosen in production deployments. It is only used for exceptional situations where crashes of se_dp processes are acceptable. The behavior of the system if this time is exceeded depends on two other configuration settings, the WAF policy mode and the WAF failure mode. In WAF policy mode 'Detection', the request is allowed and flagged for both failure mode 'Closed' and 'Open'. In enforcement node, 'Closed' means the request is rejected, 'Open' means the request is allowed and flagged. Irrespective of these settings, no subsequent WAF rules of this or other phases will be executed once the maximum execution time has been exceeded. Allowed values are 0-5000. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 50. format: int64 maximum: 5000 minimum: 0 title: |- Max execution time type: integer regex_match_limit: default: 30000 description: | Limit CPU utilization for each regular expression match when processing rules. Default value when not specified in API or module is interpreted by ALB Controller as 30000. format: int64 title: |- Regex match limit type: integer regex_recursion_limit: default: 10000 description: | Limit depth of recursion for each regular expression match when processing rules. Default value when not specified in API or module is interpreted by ALB Controller as 10000. format: int64 title: |- Regex recursion limit type: integer request_body_default_action: default: phase:2,deny,status:403,log,auditlog description: | WAF default action for Request Body Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:2,deny,status:403,log,auditlog. title: |- Request body default action type: string request_hdr_default_action: default: phase:1,deny,status:403,log,auditlog description: | WAF default action for Request Header Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:1,deny,status:403,log,auditlog. title: |- Request hdr default action type: string response_body_default_action: default: phase:4,deny,status:403,log,auditlog description: | WAF default action for Response Body Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:4,deny,status:403,log,auditlog. title: |- Response body default action type: string response_hdr_default_action: default: phase:3,deny,status:403,log,auditlog description: | WAF default action for Response Header Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:3,deny,status:403,log,auditlog. title: |- Response hdr default action type: string restricted_extensions: description: | WAF Restricted File Extensions. Maximum of 256 items allowed. items: type: string title: |- Restricted extensions type: array restricted_headers: description: | WAF Restricted HTTP Headers. Maximum of 64 items allowed. items: type: string title: |- Restricted headers type: array server_response_max_body_size: default: 128 description: | Maximum size for response body scanned by WAF. Allowed values are 1-32768. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 128. format: int64 maximum: 32768 minimum: 1 title: |- Server response max body size type: integer static_extensions: description: | WAF Static File Extensions. GET and HEAD requests with no query args and one of these extensions are allowed and not checked by the ruleset. Maximum of 64 items allowed. items: type: string title: |- Static extensions type: array status_code_for_rejected_requests: default: HTTP_RESPONSE_CODE_403 description: | HTTP status code used by WAF Positive Security Model when rejecting a request. Enum options - HTTP_RESPONSE_CODE_0, HTTP_RESPONSE_CODE_100, HTTP_RESPONSE_CODE_101, HTTP_RESPONSE_CODE_200, HTTP_RESPONSE_CODE_201, HTTP_RESPONSE_CODE_202, HTTP_RESPONSE_CODE_203, HTTP_RESPONSE_CODE_204, HTTP_RESPONSE_CODE_205, HTTP_RESPONSE_CODE_206, HTTP_RESPONSE_CODE_300, HTTP_RESPONSE_CODE_301, HTTP_RESPONSE_CODE_302, HTTP_RESPONSE_CODE_303, HTTP_RESPONSE_CODE_304, HTTP_RESPONSE_CODE_305, HTTP_RESPONSE_CODE_307, HTTP_RESPONSE_CODE_400, HTTP_RESPONSE_CODE_401, HTTP_RESPONSE_CODE_402... Default value when not specified in API or module is interpreted by ALB Controller as HTTP_RESPONSE_CODE_403. enum: - HTTP_RESPONSE_CODE_0 - HTTP_RESPONSE_CODE_100 - HTTP_RESPONSE_CODE_101 - HTTP_RESPONSE_CODE_200 - HTTP_RESPONSE_CODE_201 - HTTP_RESPONSE_CODE_202 - HTTP_RESPONSE_CODE_203 - HTTP_RESPONSE_CODE_204 - HTTP_RESPONSE_CODE_205 - HTTP_RESPONSE_CODE_206 - HTTP_RESPONSE_CODE_300 - HTTP_RESPONSE_CODE_301 - HTTP_RESPONSE_CODE_302 - HTTP_RESPONSE_CODE_303 - HTTP_RESPONSE_CODE_304 - HTTP_RESPONSE_CODE_305 - HTTP_RESPONSE_CODE_307 - HTTP_RESPONSE_CODE_400 - HTTP_RESPONSE_CODE_401 - HTTP_RESPONSE_CODE_402 - HTTP_RESPONSE_CODE_403 - HTTP_RESPONSE_CODE_404 - HTTP_RESPONSE_CODE_405 - HTTP_RESPONSE_CODE_406 - HTTP_RESPONSE_CODE_407 - HTTP_RESPONSE_CODE_408 - HTTP_RESPONSE_CODE_409 - HTTP_RESPONSE_CODE_410 - HTTP_RESPONSE_CODE_411 - HTTP_RESPONSE_CODE_412 - HTTP_RESPONSE_CODE_413 - HTTP_RESPONSE_CODE_414 - HTTP_RESPONSE_CODE_415 - HTTP_RESPONSE_CODE_416 - HTTP_RESPONSE_CODE_417 - HTTP_RESPONSE_CODE_426 - HTTP_RESPONSE_CODE_470 - HTTP_RESPONSE_CODE_475 - HTTP_RESPONSE_CODE_500 - HTTP_RESPONSE_CODE_501 - HTTP_RESPONSE_CODE_502 - HTTP_RESPONSE_CODE_503 - HTTP_RESPONSE_CODE_504 - HTTP_RESPONSE_CODE_505 type: string xml_xxe_protection: default: true description: | Block or flag XML requests referring to External Entities. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Xml xxe protection type: boolean title: |- WafConfig type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafDataFile: description: |- Advanced load balancer WafDataFile object properties: data: description: |- Stringified WAF File Data. title: |- Data type: string name: description: |- WAF Data File Name. title: |- Name type: string type: default: WAF_DATAFILE_PM_FROM_FILE description: | WAF data file type. Enum options - WAF_DATAFILE_PM_FROM_FILE, WAF_DATAFILE_DTD, WAF_DATAFILE_XSD. Default value when not specified in API or module is interpreted by ALB Controller as WAF_DATAFILE_PM_FROM_FILE. enum: - WAF_DATAFILE_PM_FROM_FILE - WAF_DATAFILE_DTD - WAF_DATAFILE_XSD type: string required: - data - name title: |- WafDataFile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafExcludeListEntry: description: |- Advanced load balancer WafExcludeListEntry object properties: client_subnet: $ref: '#/definitions/ALBIpAddrPrefix' description: description: |- Free-text comment about this exclusion. title: |- Description type: string match_element: description: | The match_element can be 'ARGS xxx', 'ARGS_GET xxx', 'ARGS_POST xxx', 'ARGS_NAMES xxx', 'FILES xxx', 'QUERY_STRING', 'REQUEST_BASENAME', 'REQUEST_BODY', 'REQUEST_URI', 'REQUEST_URI_RAW', 'REQUEST_COOKIES xxx', 'REQUEST_HEADERS xxx' or 'RESPONSE_HEADERS xxx'. These match_elements in the HTTP Transaction (if present) will be excluded when executing WAF Rules. title: |- Match element type: string match_element_criteria: $ref: '#/definitions/ALBWafExclusionType' uri_match_criteria: $ref: '#/definitions/ALBWafExclusionType' uri_path: description: |- URI Path to exclude for WAF rules. title: |- Uri path type: string title: |- WafExcludeListEntry type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafExclusionType: description: |- Advanced load balancer WafExclusionType object properties: match_case: default: SENSITIVE description: | Case sensitivity to use for the matching. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as SENSITIVE. enum: - SENSITIVE - INSENSITIVE type: string match_op: default: EQUALS description: | String Operation to use for matching the Exclusion. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Default value when not specified in API or module is interpreted by ALB Controller as EQUALS. enum: - BEGINS_WITH - DOES_NOT_BEGIN_WITH - CONTAINS - DOES_NOT_CONTAIN - ENDS_WITH - DOES_NOT_END_WITH - EQUALS - DOES_NOT_EQUAL - REGEX_MATCH - REGEX_DOES_NOT_MATCH type: string title: |- WafExclusionType type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafPSMLocation: description: |- Advanced load balancer WafPSMLocation object properties: description: description: |- Free-text comment about this location. title: |- Description type: string index: description: | Location index, this is used to determine the order of the locations. format: int64 title: |- Index type: integer match: $ref: '#/definitions/ALBWafPSMLocationMatch' name: description: | User defined name for this location, it must be unique in the group. title: |- Name type: string rules: description: | A list of rules which should be applied on this location. Maximum of 1024 items allowed. items: $ref: '#/definitions/ALBWafPSMRule' title: |- Rules type: array required: - index - name title: |- WafPSMLocation type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafPSMLocationMatch: description: |- Advanced load balancer WafPSMLocationMatch object properties: host: $ref: '#/definitions/ALBHostHdrMatch' methods: $ref: '#/definitions/ALBMethodMatch' path: $ref: '#/definitions/ALBPathMatch' title: |- WafPSMLocationMatch type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafPSMMatchElement: description: |- Advanced load balancer WafPSMMatchElement object properties: excluded: default: false description: | Mark this element excluded, like in '!ARGS password'. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Excluded type: boolean index: description: |- Match_element index. format: int64 title: |- Index type: integer name: description: | The variable specification. For example ARGS or REQUEST_COOKIES. This can be a scalar like PATH_INFO. Enum options - WAF_VARIABLE_ARGS, WAF_VARIABLE_ARGS_GET, WAF_VARIABLE_ARGS_POST, WAF_VARIABLE_ARGS_NAMES, WAF_VARIABLE_REQUEST_COOKIES, WAF_VARIABLE_QUERY_STRING, WAF_VARIABLE_REQUEST_BASENAME, WAF_VARIABLE_REQUEST_URI, WAF_VARIABLE_PATH_INFO. enum: - WAF_VARIABLE_ARGS - WAF_VARIABLE_ARGS_GET - WAF_VARIABLE_ARGS_POST - WAF_VARIABLE_ARGS_NAMES - WAF_VARIABLE_REQUEST_COOKIES - WAF_VARIABLE_QUERY_STRING - WAF_VARIABLE_REQUEST_BASENAME - WAF_VARIABLE_REQUEST_URI - WAF_VARIABLE_PATH_INFO type: string sub_element: description: | The name of the request collection element. This can be empty, if we address the whole collection or a scalar element. title: |- Sub element type: string required: - index - name title: |- WafPSMMatchElement type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafPSMRule: description: |- Advanced load balancer WafPSMRule object properties: description: description: |- Free-text comment about this rule. title: |- Description type: string enable: default: true description: | Enable or disable this rule. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean index: description: | Rule index, this is used to determine the order of the rules. format: int64 title: |- Index type: integer match_case: default: INSENSITIVE description: | The field match_value_pattern regular expression is case sensitive. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE. enum: - SENSITIVE - INSENSITIVE type: string match_elements: description: | The match elements, for example ARGS id or ARGS|!ARGS password. Maximum of 64 items allowed. items: $ref: '#/definitions/ALBWafPSMMatchElement' title: |- Match elements type: array match_value_max_length: description: | The maximum allowed length of the match_value. If this is not set, the length will not be checked. format: int64 title: |- Match value max length type: integer match_value_pattern: description: |- A regular expression which describes the expected value. title: |- Match value pattern type: string mode: description: | WAF Rule mode. This can be detection or enforcement. If this is not set, the Policy mode is used. This only takes effect if the policy allows delegation. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. enum: - WAF_MODE_DETECTION_ONLY - WAF_MODE_ENFORCEMENT type: string name: description: |- Name of the rule. title: |- Name type: string paranoia_level: default: WAF_PARANOIA_LEVEL_LOW description: | WAF Ruleset paranoia mode. This is used to select Rules based on the paranoia-level. Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME. Default value when not specified in API or module is interpreted by ALB Controller as WAF_PARANOIA_LEVEL_LOW. enum: - WAF_PARANOIA_LEVEL_LOW - WAF_PARANOIA_LEVEL_MEDIUM - WAF_PARANOIA_LEVEL_HIGH - WAF_PARANOIA_LEVEL_EXTREME type: string rule_id: description: | Id field which is used for log and metric generation. This id must be unique for all rules in this group. title: |- Rule id type: string required: - index - rule_id - name title: |- WafPSMRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafPolicy: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: allow_mode_delegation: default: true description: | Allow Rules to overwrite the policy mode. This must be set if the policy mode is set to enforcement. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Allow mode delegation type: boolean application_signatures: $ref: '#/definitions/ALBWafApplicationSignatures' confidence_override: $ref: '#/definitions/ALBAppLearningConfidenceOverride' created_by: description: |- Creator name. title: |- Created by type: string crs_overrides: description: |- Override attributes for CRS rules. items: $ref: '#/definitions/ALBWafRuleGroupOverrides' title: |- Crs overrides type: array enable_app_learning: default: false description: | Enable Application Learning for this WAF policy. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Enable app learning type: boolean enable_auto_rule_updates: default: true description: | Enable Application Learning based rule updates on the WAF Profile. Rules will be programmed in dedicated WAF learning group. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable auto rule updates type: boolean failure_mode: default: WAF_FAILURE_MODE_OPEN description: | WAF Policy failure mode. This can be 'Open' or 'Closed'. Enum options - WAF_FAILURE_MODE_OPEN, WAF_FAILURE_MODE_CLOSED. Default value when not specified in API or module is interpreted by ALB Controller as WAF_FAILURE_MODE_OPEN. enum: - WAF_FAILURE_MODE_OPEN - WAF_FAILURE_MODE_CLOSED type: string learning_params: $ref: '#/definitions/ALBAppLearningParams' markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array min_confidence: default: CONFIDENCE_VERY_HIGH description: | Minimum confidence label required for auto rule updates. Enum options - CONFIDENCE_VERY_HIGH, CONFIDENCE_HIGH, CONFIDENCE_PROBABLE, CONFIDENCE_LOW, CONFIDENCE_NONE. Default value when not specified in API or module is interpreted by ALB Controller as CONFIDENCE_VERY_HIGH. enum: - CONFIDENCE_VERY_HIGH - CONFIDENCE_HIGH - CONFIDENCE_PROBABLE - CONFIDENCE_LOW - CONFIDENCE_NONE type: string mode: default: WAF_MODE_DETECTION_ONLY description: | WAF Policy mode. This can be detection or enforcement. It can be overwritten by rules if allow_mode_delegation is set. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. Default value when not specified in API or module is interpreted by ALB Controller as WAF_MODE_DETECTION_ONLY. enum: - WAF_MODE_DETECTION_ONLY - WAF_MODE_ENFORCEMENT type: string paranoia_level: default: WAF_PARANOIA_LEVEL_LOW description: | WAF Ruleset paranoia mode. This is used to select Rules based on the paranoia-level tag. Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME. Default value when not specified in API or module is interpreted by ALB Controller as WAF_PARANOIA_LEVEL_LOW. enum: - WAF_PARANOIA_LEVEL_LOW - WAF_PARANOIA_LEVEL_MEDIUM - WAF_PARANOIA_LEVEL_HIGH - WAF_PARANOIA_LEVEL_EXTREME type: string positive_security_model: $ref: '#/definitions/ALBWafPositiveSecurityModel' post_crs_groups: description: | WAF Rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced after the CRS groups. items: $ref: '#/definitions/ALBWafRuleGroup' title: |- Post crs groups type: array pre_crs_groups: description: | WAF Rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced before the CRS groups. items: $ref: '#/definitions/ALBWafRuleGroup' title: |- Pre crs groups type: array waf_crs_path: description: | WAF core ruleset used for the CRS part of this Policy. It is a reference to an object of type WafCRS. title: |- Waf crs path type: string waf_profile_path: description: | WAF Profile for WAF policy. It is a reference to an object of type WafProfile. title: |- Waf profile path type: string required: - waf_profile_path type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer WafPolicy object title: |- WafPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafPolicyApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of WafPolicy items: $ref: '#/definitions/ALBWafPolicy' title: |- Array of WafPolicy type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | WafPolicyApiResponse title: |- WafPolicyApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafPolicyPSMGroup: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enable: default: true description: | Enable or disable this WAF rule group. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean hit_action: default: WAF_ACTION_ALLOW_PARAMETER description: | If a rule in this group matches the match_value pattern, this action will be executed. Allowed actions are WAF_ACTION_NO_OP and WAF_ACTION_ALLOW_PARAMETER. Default value when not specified in API or module is interpreted by ALB Controller as WAF_ACTION_ALLOW_PARAMETER. enum: - WAF_ACTION_NO_OP - WAF_ACTION_BLOCK - WAF_ACTION_ALLOW_PARAMETER type: string is_learning_group: default: false description: | This field indicates that this group is used for learning. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is learning group type: boolean locations: description: | Positive Security Model locations. These are used to partition the application name space. Maximum of 16384 items allowed. items: $ref: '#/definitions/ALBWafPSMLocation' title: |- Locations type: array markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array miss_action: default: WAF_ACTION_NO_OP description: | If a rule in this group does not match the match_value pattern, this action will be executed. Allowed actions are WAF_ACTION_NO_OP and WAF_ACTION_BLOCK. Default value when not specified in API or module is interpreted by ALB Controller as WAF_ACTION_NO_OP. enum: - WAF_ACTION_NO_OP - WAF_ACTION_BLOCK - WAF_ACTION_ALLOW_PARAMETER type: string type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer WafPolicyPSMGroup object title: |- WafPolicyPSMGroup x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafPolicyPSMGroupApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of WafPolicyPSMGroup items: $ref: '#/definitions/ALBWafPolicyPSMGroup' title: |- Array of WafPolicyPSMGroup type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | WafPolicyPSMGroupApiResponse title: |- WafPolicyPSMGroupApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafPositiveSecurityModel: description: |- Advanced load balancer WafPositiveSecurityModel object properties: group_paths: description: | These groups should be used to separate different levels of concern. The order of the groups matters, one group may mark parts of the request as valid, so that subsequent groups will not check these parts. It is a reference to an object of type WafPolicyPSMGroup. Maximum of 64 items allowed. items: type: string title: |- Group paths type: array title: |- WafPositiveSecurityModel type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: config: $ref: '#/definitions/ALBWafConfig' files: description: | List of Data Files Used for WAF Rules. Maximum of 64 items allowed. items: $ref: '#/definitions/ALBWafDataFile' title: |- Files type: array markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array required: - config type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer WafProfile object title: |- WafProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafProfileApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of WafProfile items: $ref: '#/definitions/ALBWafProfile' title: |- Array of WafProfile type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | WafProfileApiResponse title: |- WafProfileApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafRule: description: |- Advanced load balancer WafRule object properties: avi_tags: description: | Tags for WAF rule as per Modsec language. They are extracted from the tag actions in a Modsec rule. This field is generated from the rule itself and cannot be set by the user. Maximum of 64 items allowed. items: type: string title: |- Avi tags type: array enable: default: true description: | Enable or disable WAF Rule Group. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean exclude_list: description: | Exclude list for the WAF rule. The fields in the exclude list entry are logically and'ed to deduce the exclusion criteria. If there are multiple excludelist entries, it will be 'logical or' of them. Maximum of 64 items allowed. items: $ref: '#/definitions/ALBWafExcludeListEntry' title: |- Exclude list type: array index: description: |- Number of index. format: int64 title: |- Index type: integer is_sensitive: default: false description: | The rule field is sensitive and will not be displayed. Default value when not specified in API or module is interpreted by ALB Controller as false. title: |- Is sensitive type: boolean mode: description: | WAF Rule mode. This can be detection or enforcement. If this is not set, the Policy mode is used. This only takes effect if the policy allows delegation. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. enum: - WAF_MODE_DETECTION_ONLY - WAF_MODE_ENFORCEMENT type: string name: description: |- User-friendly optional name for a rule. title: |- Name type: string phase: description: | The execution phase where this rule will be executed. Enum options - WAF_PHASE_CONNECTION, WAF_PHASE_REQUEST_HEADER, WAF_PHASE_REQUEST_BODY, WAF_PHASE_RESPONSE_HEADER, WAF_PHASE_RESPONSE_BODY, WAF_PHASE_LOGGING. enum: - WAF_PHASE_CONNECTION - WAF_PHASE_REQUEST_HEADER - WAF_PHASE_REQUEST_BODY - WAF_PHASE_RESPONSE_HEADER - WAF_PHASE_RESPONSE_BODY - WAF_PHASE_LOGGING type: string rule: description: |- Rule as per Modsec language. title: |- Rule type: string rule_id: description: | Identifier (id) for a rule per Modsec language. All SecRule and SecAction directives require an id. It is extracted from the id action in a Modsec rule. Rules within a single WAF Policy are required to have unique rule_ids. title: |- Rule id type: string required: - index - rule title: |- WafRule type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafRuleGroup: description: |- Advanced load balancer WafRuleGroup object properties: enable: default: true description: | Enable or disable WAF Rule Group. Default value when not specified in API or module is interpreted by ALB Controller as true. title: |- Enable type: boolean exclude_list: description: | Exclude list for the WAF rule group. The fields in the exclude list entry are logically and'ed to deduce the exclusion criteria. If there are multiple excludelist entries, it will be 'logical or' of them. Maximum of 64 items allowed. items: $ref: '#/definitions/ALBWafExcludeListEntry' title: |- Exclude list type: array index: description: |- Number of index. format: int64 title: |- Index type: integer name: description: |- Name of the object. title: |- Name type: string rules: description: | Rules as per Modsec language. Maximum of 1024 items allowed. items: $ref: '#/definitions/ALBWafRule' title: |- Rules type: array required: - index - name title: |- WafRuleGroup type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafRuleGroupOverrides: description: |- Advanced load balancer WafRuleGroupOverrides object properties: enable: description: |- Override the enable flag for this group. title: |- Enable type: boolean exclude_list: description: | Replace the exclude list for this group. Maximum of 64 items allowed. items: $ref: '#/definitions/ALBWafExcludeListEntry' title: |- Exclude list type: array mode: description: | Override the waf mode for this group. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. enum: - WAF_MODE_DETECTION_ONLY - WAF_MODE_ENFORCEMENT type: string name: description: | The name of the group where attributes or rules are overridden. title: |- Name type: string rule_overrides: description: | Rule specific overrides. Maximum of 1024 items allowed. items: $ref: '#/definitions/ALBWafRuleOverrides' title: |- Rule overrides type: array required: - name title: |- WafRuleGroupOverrides type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWafRuleOverrides: description: |- Advanced load balancer WafRuleOverrides object properties: enable: description: |- Override the enable flag for this rule. title: |- Enable type: boolean exclude_list: description: | Replace the exclude list for this rule. Maximum of 64 items allowed. items: $ref: '#/definitions/ALBWafExcludeListEntry' title: |- Exclude list type: array mode: description: | Override the waf mode for this rule. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. enum: - WAF_MODE_DETECTION_ONLY - WAF_MODE_ENFORCEMENT type: string rule_id: description: |- The rule_id of the rule where attributes are overridden. title: |- Rule id type: string required: - rule_id title: |- WafRuleOverrides type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWebhook: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: callback_url: description: |- Callback URL for the Webhook. title: |- Callback url type: string markers: description: | List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition. items: $ref: '#/definitions/ALBRoleFilterMatchLabel' title: |- Markers type: array verification_token: description: | Verification token sent back with the callback asquery parameters. title: |- Verification token type: string type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: |- Advanced load balancer Webhook object title: |- Webhook x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALBWebhookApiResponse: allOf: - $ref: '#/definitions/ListResult' - properties: count: default: null description: | count format: int32 title: |- count type: integer results: description: | Array of Webhook items: $ref: '#/definitions/ALBWebhook' title: |- Array of Webhook type: array type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | WebhookApiResponse title: |- WebhookApiResponse x-vmw-nsx-module: PolicyAdvancedLoadBalancer ALGTypeServiceEntry: allOf: - $ref: '#/definitions/ServiceEntry' - properties: alg: description: | The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated. Please use UDP protocol and create L4 Port Set type of service instead. enum: - ORACLE_TNS - FTP - SUN_RPC_TCP - SUN_RPC_UDP - MS_RPC_TCP - MS_RPC_UDP - NBNS_BROADCAST - NBDG_BROADCAST - TFTP title: |- The Application Layer Gateway (ALG) protocol type: string destination_ports: description: |- The destination_port cannot be empty and must be a single value. items: description: | Examples- Single port "8080", Range of ports "8090-8095" format: port-or-range type: string maxItems: 1 minItems: 1 title: |- The destination_port cannot be empty and must be a single value. type: array source_ports: items: description: | Examples- Single port "8080", Range of ports "8090-8095" format: port-or-range type: string maxItems: 15 type: array required: - alg - destination_ports type: object x-vmw-nsx-module: Policy description: |- An ServiceEntry that represents an ALG protocol title: |- An ServiceEntry that represents an ALG protocol x-vmw-nsx-module: Policy AbstractSpace: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: connectivity_strategy: description: | The connectivity strategy is deprecated. Use default layer3 rule, /infra/domains/default/security-policies/default-layer3-security-policy/rules/default-layer3-rule. This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use "allow" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use "drop" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added. enum: - WHITELIST - BLACKLIST - WHITELIST_ENABLE_LOGGING - BLACKLIST_ENABLE_LOGGING - NONE title: |- Connectivity strategy used by this tenant type: string x-deprecated: true type: object x-vmw-nsx-module: Policy description: |- Represents the space in which the policy is being defined. title: |- The space in which policy is being defined x-vmw-nsx-module: Policy AcceptableComponentVersion: allOf: - $ref: '#/definitions/VersionList' - properties: component_type: description: |- Node type enum: - HOST - EDGE - CCP - MP title: |- Node type type: string required: - component_type type: object x-vmw-nsx-module: VersionWhitelist x-vmw-nsx-module: VersionWhitelist AcceptableComponentVersionList: properties: results: description: |- Acceptable version whitelist for different components items: $ref: '#/definitions/AcceptableComponentVersion' title: |- Acceptable version whitelist for different components type: array required: - results type: object x-vmw-nsx-module: VersionWhitelist Action: description: | Reaction Action is the action to take when the stipulated criteria specified in the event exist over the source. Some example actions include: - Notify Admin (or VMC's SRE) via email. - Populate a specific label with the IPSec VPN Session. - Remove the IPSec VPN Session from a specific label. discriminator: resource_type properties: resource_type: description: | Reaction Action resource type. enum: - PatchResources - SetFields title: |- Resource Type type: string required: - resource_type title: |- Reaction Action type: object x-vmw-nsx-module: PolicyReaction ActionableResource: allOf: - $ref: '#/definitions/ManagedResource' - properties: ip_address: description: |- A resource reference on which actions can be performed format: hostname-or-ip title: |- A resource reference on which actions can be performed type: string type: object x-vmw-nsx-module: ClusterRestore description: |- Resources managed during restore process title: |- Resources managed during restore process x-vmw-nsx-module: ClusterRestore ActionableResourceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List results items: $ref: '#/definitions/ActionableResource' title: |- List results type: array required: - results type: object x-vmw-nsx-module: ClusterRestore x-vmw-nsx-module: ClusterRestore ActiveDirectoryIdentitySource: allOf: - $ref: '#/definitions/LdapIdentitySource' - type: object x-vmw-nsx-module: LdapIdentitySources description: |- An identity source service that runs Microsoft Active Directory. The service allows selected user accounts defined in Active Directory to log into and access NSX-T. title: |- An Active Directory identity source service x-vmw-nsx-module: LdapIdentitySources AddALBControllerNodeVMInfo: description: | Contains a list of Advanced Load Balancer controller node VM deployment requests. properties: deployment_requests: description: | Advanced Load Balancer Controller deployment requests to be deployed by NSX. items: $ref: '#/definitions/ALBControllerNodeVMDeploymentRequest' minItems: 1 title: |- List of deployment requests type: array required: - deployment_requests title: |- Info for AddALBControllerNodeVM type: object x-vmw-nsx-module: PolicyALBControllerDeployment AddressBindingEntry: description: | An address binding entry is a combination of the IP-MAC-VLAN binding for a logical port. The address bindings can be obtained via various methods like ARP snooping, DHCP snooping etc. or by user configuration. properties: binding: $ref: '#/definitions/PacketAddressClassifier' binding_timestamp: description: | Timestamp at which the binding was discovered via snooping or manually specified by the user format: int64 type: integer source: default: UNKNOWN description: |- Source from which the address binding entry was obtained enum: - INVALID - UNKNOWN - USER_DEFINED - ARP_SNOOPING - DHCP_SNOOPING - VM_TOOLS - ND_SNOOPING - DHCPV6_SNOOPING - VM_TOOLS_V6 type: string title: |- Combination of IP-MAC-VLAN binding type: object x-vmw-nsx-module: LogicalPort AdvanceClusterRestoreInput: properties: id: description: | Unique id of an instruction (as returned by the GET /restore/status call) for which input is to be provided readOnly: true title: | Unique id of an instruction (as returned by the GET /restore/status call) for which input is to be provided type: string resources: description: |- List of resources for which the instruction is applicable. items: $ref: '#/definitions/SelectableResourceReference' title: |- List of resources for which the instruction is applicable. type: array required: - resources type: object x-vmw-nsx-module: ClusterRestore AdvanceClusterRestoreRequest: properties: data: description: |- List of instructions and their associated data items: $ref: '#/definitions/AdvanceClusterRestoreInput' title: |- List of instructions and their associated data type: array required: - data type: object x-vmw-nsx-module: ClusterRestore AdvanceServiceConfig: description: | Contain optional configuration for deployment. properties: kubectl_tool: description: |- Filename of uploaded Kubernetes tools readOnly: true title: |- Filename of uploaded Kubernetes tools type: string service_name: description: |- FQDN to access deployment pod. title: |- FQDN to access deployment pod type: string title: |- Advanced deployment configuration type: object x-vmw-nsx-module: PolicyCloudNative AgentStatus: properties: name: description: |- Agent name enum: - NSX_AGENT - NSX_OPSAGENT - NSX_CFGAGENT - NSX_NESTDB title: |- Agent name type: string status: description: |- Agent status enum: - UP - DOWN - UNKNOWN title: |- Agent status type: string type: object x-vmw-nsx-module: Heatmap AgentStatusCount: properties: agents: description: |- List of agent statuses belonging to the transport node items: $ref: '#/definitions/AgentStatus' title: |- NSX agents status type: array down_count: description: |- Down count format: int32 title: |- Down count type: integer status: description: |- Roll-up agent status enum: - UP - DOWN - UNKNOWN title: |- Roll-up agent status type: string up_count: description: |- Up count format: int32 title: |- Up count type: integer type: object x-vmw-nsx-module: Heatmap AggregateDNSForwarderStatistics: description: | Aggregate of DNS forwarder statistics across enforcement points. properties: intent_path: description: | String path of the DNS forwarder intent. title: |- String path of the DNS forwarder intent type: string statistics_per_enforcement_point: description: | List of DNS forwarder statistics per enforcement point. items: $ref: '#/definitions/DNSForwarderStatisticsPerEnforcementPoint' readOnly: true title: |- List of DNS forwarder statistics per enforcement point type: array required: - intent_path title: |- Aggregate of DNS forwarder statistics type: object x-vmw-nsx-module: PolicyDNSStatistics AggregateDNSForwarderStatus: description: | Aggregate of DNS forwarder status across enforcement points. properties: intent_path: description: | String path of the DNS forwarder intent. title: |- String path of the DNS forwarder intent type: string status_per_enforcement_point: description: | List of DNS forwarder status per enforcement point. items: $ref: '#/definitions/DNSForwarderStatusPerEnforcementPoint' readOnly: true title: |- List of DNS forwarder status per enforcement point type: array required: - intent_path title: |- Aggregate of DNS forwarder status type: object x-vmw-nsx-module: PolicyDNSStatistics AggregateIPSecVpnSessionStatistics: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: | List of IPSec VPN Session Statistics per Enforcement Point. items: $ref: '#/definitions/IPSecVpnSessionStatisticsPerEP' readOnly: true title: |- List of IPSec VPN Session Statistics per Enforcement Point type: array type: object x-vmw-nsx-module: PolicyVpnStats description: | Aggregate of IPSec VPN Session Statistics across Enforcement Points. title: |- Aggregate of IPSec VPN Session Statistics x-vmw-nsx-module: PolicyVpnStats AggregateIPSecVpnSessionStatus: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: | List of IPSec VPN Session Status per Enforcement Point. items: $ref: '#/definitions/IPSecVpnSessionStatusPerEP' readOnly: true title: |- List of IPSec VPN Session Status per Enforcement Point type: array type: object x-vmw-nsx-module: PolicyVpnStats description: | Aggregate of IPSec VPN Session Status across Enforcement Points. title: |- Aggregate of IPSec VPN Session Status x-vmw-nsx-module: PolicyVpnStats AggregateL2VPNSessionPeerConfig: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: | List of L2VPN Session peer config per Enforcement Point. items: $ref: '#/definitions/L2VPNSessionPeerConfigPerEP' readOnly: true title: |- List of L2VPN Session Peer config per Enforcement Point type: array type: object x-vmw-nsx-module: PolicyVpnLayer2VPN description: | Aggregate of L2VPN Session peer config across Enforcement Points. title: |- Aggregate of L2VPN Session Peer Config x-vmw-nsx-module: PolicyVpnLayer2VPN AggregateL2VPNSessionStatistics: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: | List of L2VPN Session Statistics per Enforcement Point. items: $ref: '#/definitions/L2VPNSessionStatisticsPerEP' readOnly: true title: |- List of L2VPN Session Statistics per Enforcement Point type: array type: object x-vmw-nsx-module: PolicyVpnStats description: | Aggregate of L2VPN Session Statistics across Enforcement Points. title: |- Aggregate of L2VPN Session Statistics x-vmw-nsx-module: PolicyVpnStats AggregateL2VPNSessionStatus: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: | List of L2VPN Session Status per Enforcement Point. items: $ref: '#/definitions/L2VPNSessionStatusPerEP' readOnly: true title: |- List of L2VPN Session Status per Enforcement Point type: array type: object x-vmw-nsx-module: PolicyVpnStats description: | Aggregate of L2VPN Session Status across Enforcement Points. title: |- Aggregate of L2VPN Session Status x-vmw-nsx-module: PolicyVpnStats AggregateL2VpnPeerConfig: description: | Aggregate of L2Vpn peer config across Enforcement Points. properties: l2vpn_path: description: | Policy path referencing the L2Vpn. title: |- L2Vpn Policy path type: string l2vpn_peer_config_per_enforcement_point: description: | List of L2Vpn peer config per Enforcement Point. items: $ref: '#/definitions/L2VpnPeerConfigPerEnforcementPoint' readOnly: true title: |- List of L2Vpn Peer config per Enforcement Point type: array required: - l2vpn_path title: |- Aggregate of L2Vpn Peer Config type: object x-vmw-nsx-module: PolicyL2Vpn AggregateL2VpnSessionRemoteMac: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: l2vpn_session_remote_macs: description: |- List of L2Vpn Session remote mac items: $ref: '#/definitions/L2VpnSessionRemoteMacPerEP' readOnly: true title: |- List of L2Vpn Session remote mac type: array type: object x-vmw-nsx-module: PolicyVPNStatistics description: | Aggregate of L2Vpn session remote mac across enforcement points. title: |- Aggregate of L2Vpn Session Remote Mac x-vmw-nsx-module: PolicyVPNStatistics AggregateL2VpnStatistics: description: | Aggregate of L2Vpn Statistics across Enforcement Points. properties: intent_path: description: | Intent path of object, forward slashes must be escaped using %2F. title: |- String Path of the intent object type: string l2vpn_statistics_per_enforcement_point: description: | List of L2Vpn Statistics per Enforcement Point. items: $ref: '#/definitions/L2VpnStatisticsPerEnforcementPoint' readOnly: true title: |- List of L2Vpn Statistics per Enforcement Point type: array required: - intent_path title: |- Aggregate L2Vpn Statistics type: object x-vmw-nsx-module: PolicyVPNStatistics AggregateL3VpnStatistics: description: | Aggregate of L3Vpn Statistics across Enforcement Points. properties: intent_path: description: | Intent path of object, forward slashes must be escaped using %2F. title: |- String Path of the intent object type: string l3vpn_statistics_per_enforcement_point: description: | List of L3Vpn Statistics per Enforcement Point. items: $ref: '#/definitions/L3VpnStatisticsPerEnforcementPoint' readOnly: true title: |- List of L3Vpn Statistics per Enforcement Point type: array required: - intent_path title: |- Aggregate of L3Vpn Statistics type: object x-vmw-nsx-module: PolicyVPNStatistics AggregateLBNodeUsageSummary: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: |- LBNodeUsageSummary list results. items: $ref: '#/definitions/LBNodeUsageSummary' readOnly: true title: |- LBNodeUsageSummary list results type: array type: object x-vmw-nsx-module: PolicyLBStatistics description: |- Aggregate of LBNodeUsageSummary across Enforcement Points. title: |- Aggregate of LBNodeUsageSummary across Enforcement Points. x-vmw-nsx-module: PolicyLBStatistics AggregateLBPoolStatistics: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: |- LBPoolStatisticsPerEP list results. items: $ref: '#/definitions/LBPoolStatisticsPerEP' readOnly: true title: |- LBPoolStatisticsPerEP list results type: array type: object x-vmw-nsx-module: PolicyLBStatistics description: |- Paged Collection of LBPoolStatisticsPerEP title: |- Paged Collection of LBPoolStatisticsPerEP x-vmw-nsx-module: PolicyLBStatistics AggregateLBPoolStatus: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: |- LBPoolStatusPerEP list results. items: $ref: '#/definitions/LBPoolStatusPerEP' readOnly: true title: |- LBPoolStatusPerEP list results type: array type: object x-vmw-nsx-module: PolicyLBStatistics description: |- Paged Collection of LBPoolStatusPerEP title: |- Paged Collection of LBPoolStatusPerEP x-vmw-nsx-module: PolicyLBStatistics AggregateLBServiceStatistics: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: |- LBServiceStatisticsPerEP list results. items: $ref: '#/definitions/LBServiceStatisticsPerEP' readOnly: true title: |- LBServiceStatisticsPerEP list results type: array type: object x-vmw-nsx-module: PolicyLBStatistics description: |- Paged Collection of LBServiceStatisticsPerEP title: |- Paged Collection of LBServiceStatisticsPerEP x-vmw-nsx-module: PolicyLBStatistics AggregateLBServiceStatus: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: |- LBServiceStatusPerEP list results. items: $ref: '#/definitions/LBServiceStatusPerEP' readOnly: true title: |- LBServiceStatusPerEP list results type: array type: object x-vmw-nsx-module: PolicyLBStatistics description: |- Paged Collection of LBServiceStatusPerEP title: |- Paged Collection of LBServiceStatusPerEP x-vmw-nsx-module: PolicyLBStatistics AggregateLBServiceUsage: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: |- LBServiceUsagePerEP list results. items: $ref: '#/definitions/LBServiceUsagePerEP' readOnly: true title: |- LBServiceUsagePerEP list results type: array type: object x-vmw-nsx-module: PolicyLBStatistics description: |- Aggregate of LBServiceUsagePerEP across Enforcement Points. title: |- Aggregate of LBServiceUsagePerEP across Enforcement Points. x-vmw-nsx-module: PolicyLBStatistics AggregateLBVirtualServerStatistics: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: |- LBVirtualServerStatisticsPerEP list results. items: $ref: '#/definitions/LBVirtualServerStatisticsPerEP' readOnly: true title: |- LBVirtualServerStatisticsPerEP list results type: array type: object x-vmw-nsx-module: PolicyLBStatistics description: |- Paged Collection of LBVirtualServerStatisticsPerEP title: |- Paged Collection of LBVirtualServerStatisticsPerEP x-vmw-nsx-module: PolicyLBStatistics AggregateLBVirtualServerStatus: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: results: description: |- LBVirtualServerStatusPerEP list results. items: $ref: '#/definitions/LBVirtualServerStatusPerEP' readOnly: true title: |- LBVirtualServerStatusPerEP list results type: array type: object x-vmw-nsx-module: PolicyLBStatistics description: |- Paged Collection of LBVirtualServerStatusPerEP title: |- Paged Collection of LBVirtualServerStatusPerEP x-vmw-nsx-module: PolicyLBStatistics AggregatePolicyDnsAnswer: description: | Aggregate of DNS forwarder nslookup answer across enforcement points. properties: dns_answer_per_enforcement_point: description: | List of DNS forwarder nslookup answer per enforcement point. items: $ref: '#/definitions/PolicyDnsAnswerPerEnforcementPoint' readOnly: true title: |- List of DNS forwarder nslookup answer per enforcement point type: array intent_path: description: | String path of the DNS forwarder intent. title: |- String path of the DNS forwarder intent type: string required: - intent_path title: |- Aggregate of DNS forwarder nslookup answer type: object x-vmw-nsx-module: PolicyDnsForwarder AggregatePolicyRuntimeInfo: description: | Aggregate of PolicyRuntimeInfoPerEP across Enforcement Points. properties: intent_path: description: | Intent path of object, forward slashes must be escaped using %2F. readOnly: true title: |- String Path of the intent object type: string title: |- Aggregate of PolicyRuntimeInfoPerEP type: object x-vmw-nsx-module: PolicyBaseStatistics AggregatedDataCounter: properties: rx_bytes: $ref: '#/definitions/DataCounter' rx_packets: $ref: '#/definitions/DataCounter' tx_bytes: $ref: '#/definitions/DataCounter' tx_packets: $ref: '#/definitions/DataCounter' type: object x-vmw-nsx-module: AggSvcL2Types AggregatedDataCounterEx: allOf: - $ref: '#/definitions/AggregatedDataCounter' - properties: dropped_by_security_packets: $ref: '#/definitions/PacketsDroppedBySecurity' mac_learning: $ref: '#/definitions/MacLearningCounters' type: object x-vmw-nsx-module: AggSvcL2Types x-vmw-nsx-module: AggSvcL2Types AggregatedLogicalRouterPortCounters: properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer rx: $ref: '#/definitions/LogicalRouterPortCounters' tx: $ref: '#/definitions/LogicalRouterPortCounters' type: object x-vmw-nsx-module: AggSvcLogicalRouterPort AlbControllerClusterRuntimeError: description: |- Advanced Load Balancer controller cluster runtime error. properties: error_code: description: | Advanced Load Balancer cluster runtime error code. format: int32 readOnly: true title: |- Advanced Load Balancer cluster runtime error code type: integer error_message: description: | Advanced Load Balancer cluster runtime error msg. readOnly: true title: |- Advanced Load Balancer cluster runtime error msg type: string title: |- Advanced Load Balancer controller cluster runtime error type: object x-vmw-nsx-module: PolicyALBControllerDeployment AlbControllerVsphereClusterNodeVmDeploymentConfig: allOf: - $ref: '#/definitions/ALBControllerNodeVMDeploymentConfig' - properties: compute_id: description: | The Advanced Load Balancer controller node VM will be deployed on the specified cluster or resourcepool for specified VC server. title: |- Cluster identifier or resourcepool identifier type: string default_gateway_addresses: description: | The default gateway for the VM to be deployed must be specified if all the other VMs it communicates with are not in the same subnet. Do not specify this field and management_port_subnets to use DHCP. Note: only single IPv4 default gateway address is supported and it must belong to management network. items: description: |- IPv4 or IPv6 address format: ip type: string maxItems: 1 minItems: 1 title: |- Default gateway for the VM type: array disk_provisioning: default: THIN description: | Specifies the disk provisioning type of the VM. enum: - THIN - LAZY_ZEROED_THICK - EAGER_ZEROED_THICK type: string display_name: description: | Desired display name for Advanced Load Balancer controller VM to be deployed. title: |- Advanced Load Balancer controller VM display name type: string dns_servers: description: | List of DNS servers. items: description: |- IPv4 address format: ipv4 type: string title: |- DNS servers. type: array host_id: description: | The Advanced Load Balancer controller node VM will be deployed on the specified host in the specified VC server within the cluster if host_id is specified. Note: User must ensure that storage and specified networks are accessible by this host. title: |- Host identifier type: string hostname: description: | Desired host name/FQDN for the VM to be deployed. format: hostname-or-ip title: |- Host name or FQDN for the VM type: string management_network_id: description: | Distributed portgroup identifier to which the management vnic of Advanced Load Balancer controller node VM will be connected. title: |- Portgroup identifier for management network connectivity type: string management_port_subnets: description: | IP Address and subnet configuration for the management port. Do not specify this field and default_gateway_addresses to use DHCP. Note: only one IPv4 address is supported for the management port. items: $ref: '#/definitions/IPSubnet' maxItems: 1 minItems: 1 title: |- Port subnets for management port type: array ntp_servers: description: | List of NTP servers. items: description: |- Hostname or IPv4 address format: hostname-or-ipv4 type: string title: |- NTP servers. type: array storage_id: description: | The Advanced Load Balancer controller node VM will be deployed on the specified datastore in the specified VC server. User must ensure that storage is accessible by the specified cluster/host. title: |- Storage/datastore identifier type: string storage_policy_id: description: | The cluster node VM will be deployed with the specified storage policy on the specified datastore in the specified VC server. User must ensure that the storage policy is applicable on the given datastore. title: |- Storage policy uuid type: string vc_id: description: | The VC-specific identifiers will be resolved on this VC, so all other identifiers specified in the config must belong to this vCenter server. title: |- vSphere compute identifier for identifying VC server type: string required: - storage_id - management_network_id - hostname - vc_id - compute_id type: object x-vmw-nsx-module: PolicyALBControllerDeployment description: | The vSphere deployment configuration determines where to deploy the Advanced Load Balancer controller node VM through a vCenter server. It contains settings that are applied during install time. If using DHCP, the following fields must be left unset - management_port_subnets, and default_gateway_addresses title: |- Deployment config on the vSphere platform x-vmw-nsx-module: PolicyALBControllerDeployment AntreaAdapterStatus: description: |- Antrea adapter status properties: conditions: description: |- Collection of adapter conditions. items: $ref: '#/definitions/ComponentConditionItem' readOnly: true title: |- Adapter conditions type: array status: description: | Indicate overall healthy status. enum: - HEALTHY - DEGRADED - FAILED - UNKNOWN readOnly: true type: string title: |- Antrea adapter status type: object x-vmw-nsx-module: PolicyAntreaMonitoring AntreaAgentsInfo: description: |- Antrea agents information properties: degraded_agent_num: description: |- The number of degraded agents format: int32 readOnly: true title: |- The number of degraded agents type: integer failed_agent_num: description: |- The number of failed agents format: int32 readOnly: true title: |- The number of failed agents type: integer healthy_agent_num: description: |- The number of healthy agents format: int32 readOnly: true title: |- The number of healthy agents type: integer title: |- Antrea agents information type: object x-vmw-nsx-module: PolicyAntreaMonitoring AntreaClusterInfo: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: agent_info: $ref: '#/definitions/AntreaAgentsInfo' ccp_adapter_status: $ref: '#/definitions/AntreaAdapterStatus' controller_status: $ref: '#/definitions/AntreaControllerStatus' mp_adapter_status: $ref: '#/definitions/AntreaAdapterStatus' type: object x-vmw-nsx-module: PolicyAntreaMonitoring description: |- Antrea cluster status info. title: |- Antrea cluster info x-vmw-nsx-module: PolicyAntreaMonitoring AntreaClusterListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Antrea cluster list results items: $ref: '#/definitions/AntreaClusterInfo' title: |- Antrea cluster list results type: array required: - results type: object x-vmw-nsx-module: PolicyAntreaMonitoring description: |- Paged list of Antrea Cluster list. title: |- Antrea Cluster list x-vmw-nsx-module: PolicyAntreaMonitoring AntreaControllerStatus: description: |- Antrea Controller status, including component status, connected agent and CONTROLLER_ prefix conditions status. properties: conditions: description: | Collection of controller related conditions. items: $ref: '#/definitions/ComponentConditionItem' readOnly: true title: |- Controller conditions type: array connected_agent_num: description: | If status is UNKNOWN, this number is meaningless. format: int32 readOnly: true title: |- The number of connected agents type: integer status: description: | Indicate overall healthy status. enum: - HEALTHY - DEGRADED - FAILED - UNKNOWN readOnly: true type: string title: |- Antrea Controller status type: object x-vmw-nsx-module: PolicyAntreaMonitoring AntreaHeartbeatConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: report_interval: default: 60 description: |- If exceeding 3*report_interval, there is still no heartbeat, cluster status will be UNKNOWN. format: int32 maximum: 600 minimum: 60 title: |- Report interval for Antrea heartbeat with NSX in seconds type: integer required: - report_interval type: object x-vmw-nsx-module: PolicyAntreaMonitoring description: |- Antrea heartbeat configuration for interval time. title: |- Antrea heartbeat configuration x-vmw-nsx-module: PolicyAntreaMonitoring AntreaHeartbeatConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of Antrea cluster heartbeat config. items: $ref: '#/definitions/AntreaHeartbeatConfig' title: |- Antrea cluster heartbeat config list type: array required: - results type: object x-vmw-nsx-module: PolicyAntreaMonitoring description: |- Paged list of Antrea Cluster heartbeat config. title: |- Antrea Cluster heartbeat config list x-vmw-nsx-module: PolicyAntreaMonitoring AntreaTraceflowConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: container_cluster_id: description: | Container cluster ID in inventory. This property is used to identify multiple clusters under single NSX-T. title: |- Container cluster ID type: string destination_external_id: description: | Destination external id for Antrea traceflow. Must be ContainerApplicationInstance or ContainerApplication. Ignored if destination_ip provided in packet data. title: |- Destination external id type: string is_transient: default: true description: |- This field indicates if intent is transient and will be cleaned up by the system if set to true. title: |- Marker to indicate if intent is transient type: boolean packet: $ref: '#/definitions/AntreaTraceflowPacketData' source_external_id: description: | Source external id for Antrea traceflow. Must be ContainerApplicationInstance external_id. title: |- Source external id type: string required: - container_cluster_id - source_external_id type: object x-vmw-nsx-module: PolicyConnectivity description: |- The configuration for Antrea traceflow. title: |- Antrea traceflow configuration x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- AntreaTraceflowConfig list results items: $ref: '#/definitions/AntreaTraceflowConfig' title: |- AntreaTraceflowConfig list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged Collection for AntreaTraceflowConfigs. title: |- Paged Collection of AntreaTraceflowConfigs x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowIcmpEchoRequestHeader: description: | IcmpEchoRequest header stuffs for Antrea traceflow. properties: id: description: | Id of IcmpEchoRequest. format: int64 title: |- IcmpEchoRequest id type: integer sequence: description: | Sequence number of IcmpEchoRequest. format: int64 title: |- Icmp sequence type: integer title: |- IcmpEchoHeader for Antrea traceflow type: object x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowIpHeader: description: | Ip header stuffs for Antrea traceflow. properties: dstIp: description: | Destination ip address in IpHeader. title: |- Destination ip type: string flags: description: | Protocol setting in IpHeader. format: int64 title: |- Flags type: integer protocol: description: | Protocol setting in IpHeader. format: int64 title: |- Protocol type: integer srcIp: description: | Source ip address in IpHeader. title: |- Source ip type: string ttl: description: | TTL value in IpHeader. Default is 64. format: int64 title: |- Time to live type: integer title: |- IpHeader for Antrea traceflow type: object x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowIpv6Header: description: | Ipv6 header stuffs for Antrea traceflow. properties: dstIp: description: | Destination ip address in Ipv6Header. title: |- Destination ip type: string hopLimit: description: | Hop limit setting in Ipv6Header. format: int64 title: |- Hop limit type: integer nextHeader: description: | Next header setting in Ipv6Header. format: int64 title: |- Next header type: integer srcIp: description: | Source ip address in Ipv6Header. title: |- Source ip type: string title: |- Ipv6Header for Antrea traceflow type: object x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowObservation: description: | Observation result for Antrea traceflow. properties: component_type: description: | The type of component. enum: - UNKNOWN - ANTREA_SPOOFGUARD - ANTREA_LB - ANTREA_ROUTING - ANTREA_DFW - ANTREA_FORWARDING readOnly: true title: |- The component type type: string container_node_id: description: | UID of the container node that observed a traceflow packet. readOnly: true title: |- Container node UID type: string observation_type: description: | The type of observation. AntreaTraceflowObservationDelivered: The packet was delivered to destination Pod properly AntreaTraceflowObservationReceived: The packet was received from another ContainerNode AntreaTraceflowObservationForwarded: The packet was forwarded to next logical node or ContainerNode AntreaTraceflowObservationDropped: The packet was dropped enum: - AntreaTraceflowObservationDelivered - AntreaTraceflowObservationReceived - AntreaTraceflowObservationForwarded - AntreaTraceflowObservationDropped title: |- The observation type type: string timestamp: description: | Timestamp when the observation was collect by Antrea controller. format: int64 readOnly: true title: |- Timestamp type: integer required: - observation_type title: |- Observation for Antrea traceflow type: object x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowObservationListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- AntreaTraceflowObservation list results items: $ref: '#/definitions/AntreaTraceflowObservation' title: |- AntreaTraceflowObservation list results type: array type: object x-vmw-nsx-module: PolicyConnectivity description: | List collection for AnteaTraceflowObservation, used in batch API. title: |- List object for AnteaTraceflowObservation x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowPacketData: description: |- Packet data stuffs for Antrea traceflow. properties: frameSize: description: | This property is used to set packet data size. format: int64 title: |- Packet frame size type: integer ipHeader: $ref: '#/definitions/AntreaTraceflowIpHeader' ipv6Header: $ref: '#/definitions/AntreaTraceflowIpv6Header' payload: description: | This property is used to set payload data. title: |- Packet payload type: string resourceType: description: | This property is used to set resource type. enum: - FIELDS_PACKET_DATA - BINARY_PACKET_DATA title: |- Packet resource type type: string transportHeader: $ref: '#/definitions/AntreaTraceflowTransportHeader' transportType: description: | This property is used to set transport type. enum: - UNICAST - MULTICAST - BROADCAST - UNKNOWN title: |- Transport type type: string title: |- Packet data for Antrea traceflow type: object x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowStatus: description: | The status value of one Antrea traceflow. properties: phase: description: | The execution phase of one traceflow. enum: - SUCCEEDED - FAILED title: |- Phase type: string reason: description: | The reason for the failure. title: |- Reason type: string title: |- Status for Antrea traceflow type: object x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowTcpHeader: description: | Tcp header stuffs for Antrea traceflow. properties: dstPort: description: | Destination port number in TcpHeader. format: int64 title: |- Destination port type: integer srcPort: description: | Source port number in TcpHeader. format: int64 title: |- Source port type: integer tcpFlags: description: | Tcp flags in TcpHeader. SYN flag must be set for traceflow. format: int64 title: |- Tcp flags type: integer title: |- TcpHeader for Antrea traceflow type: object x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowTransportHeader: description: | Transport header stuffs for Antrea traceflow. properties: icmpEchoRequestHeader: $ref: '#/definitions/AntreaTraceflowIcmpEchoRequestHeader' tcpHeader: $ref: '#/definitions/AntreaTraceflowTcpHeader' udpHeader: $ref: '#/definitions/AntreaTraceflowUdpHeader' title: |- TransportHeader for Antrea traceflow type: object x-vmw-nsx-module: PolicyConnectivity AntreaTraceflowUdpHeader: description: | Udp header stuffs for Antrea traceflow. properties: dstPort: description: | Destination port number in UdpHeader. format: int64 title: |- Destination port type: integer srcPort: description: | Source port number in UdpHeader. format: int64 title: |- Source port type: integer title: |- UdpHeader for Antrea traceflow type: object x-vmw-nsx-module: PolicyConnectivity ApiError: allOf: - $ref: '#/definitions/RelatedApiError' - properties: related_errors: description: |- Other errors related to this error items: $ref: '#/definitions/RelatedApiError' title: |- Other errors related to this error type: array type: object x-vmw-nsx-module: Common description: |- Detailed information about an API Error title: |- Detailed information about an API Error x-vmw-nsx-module: Common ApiRequestBody: allOf: - $ref: '#/definitions/Source' - properties: resource_pointer: description: | Regex path representing a regex expression on resources. This regex is used to identify the request body(ies) that is/are the source of the Event. For instance: specifying "Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default" as a source means that ANY resource starting with Lb or ANY resource with "/infra/tier-0s/vmc/ipsec-vpn-services/default" as path would be the source of the event in question. title: |- Resource Pointer type: string required: - resource_pointer type: object x-vmw-nsx-module: PolicyReaction description: | API Request Body is an Event Source that represents an API request body that is being reveived as part of an API. Supported Request Bodies are those received as part of a PATCH/PUT/POST request. title: |- API Request Body x-vmw-nsx-module: PolicyReaction ApplianceLatencyData: allOf: - $ref: '#/definitions/Resource' - properties: id: description: |- Display the Appliance id. title: |- Appliance id type: string latency_data: description: |- Latency Data list. items: $ref: '#/definitions/ApplianceLatencyDataItem' title: |- Latency Data List type: array name: description: |- Display the appliance name. title: |- Appliance name type: string timestamp: description: |- Timestamp of last modification. format: int64 type: integer type: object x-vmw-nsx-module: ShaApplianceMonitor description: |- Display the latency data by given appliance node title: |- Display the latency data by given appliance node x-vmw-nsx-module: ShaApplianceMonitor ApplianceLatencyDataItem: description: | Describes appliance latency data in detail. properties: destination_node_id: description: |- Display the appliance node id. title: |- Node id type: string destination_node_ip: description: |- Display the appliance node ip. title: |- Node name type: string destination_node_name: description: |- Display the appliance node name. title: |- Node name type: string packet_loss_percent: description: |- Display the percentage of lost packet. title: |- Display the percentage of lost packet type: string packet_received: description: |- Display the received packets. format: int64 title: |- Display the received packets type: integer packet_transmitted: description: |- Display the transmitted packets in Ping format: int64 title: |- Display the transmitted packets type: integer rtt_avg: description: | Display the average Round Trip Time in milliseconds. title: |- Display the average rtt of latency value type: number rtt_max: description: | Display the max Round Trip Time in milliseconds. title: |- Display the max rtt of latency value type: number rtt_mdev: description: | Display the mean Round Trip Time in milliseconds. title: |- Display the mean rtt of latency value type: number rtt_min: description: | Display the min Round Trip Time in milliseconds. title: |- Display the min rtt of latency value type: number source_node_ip: description: |- Display the appliance node ip. title: |- Node name type: string status: description: | Display the connection status between source node and destination node. enum: - UP - DOWN title: |- Display the connection status type: string total_time: description: | Display the total time of sending and receiving packets in milliseconds. format: int64 title: |- Display the total time in milliseconds type: integer title: |- Appliance Latency data type: object x-vmw-nsx-module: ShaApplianceMonitor ApplianceLatencyListResult: allOf: - $ref: '#/definitions/ListResult' - properties: result_count: description: |- Total appliance latency count format: int64 title: |- Total appliance latency count type: integer results: description: |- Display the appliance latency data list. items: $ref: '#/definitions/ApplianceLatencyData' title: |- Appliance Process List type: array required: - result_count type: object x-vmw-nsx-module: ShaApplianceMonitor description: |- List of process data title: |- List of process data x-vmw-nsx-module: ShaApplianceMonitor ApplianceProcessData: allOf: - $ref: '#/definitions/Resource' - properties: id: description: |- Display the Appliance id. title: |- Appliance id type: string name: description: |- Display the appliance name. title: |- Appliance name type: string timestamp: description: |- Timestamp of last modification. format: int64 type: integer top_process_by_cpu_count: description: |- Display the total count of process. format: int64 title: |- Process count type: integer top_process_by_cpu_list: description: |- Display the top process list by CPU. items: $ref: '#/definitions/ProcessInformation' title: |- Top process list by CPU type: array top_process_by_mem_count: description: |- Display the total count of process. format: int64 title: |- Process count type: integer top_process_by_mem_list: description: |- Display the top process list by memory. items: $ref: '#/definitions/ProcessInformation' title: |- Top process list by memory type: array type: object x-vmw-nsx-module: ShaApplianceMonitor description: |- List of process data in given appliance node title: |- List of process data in given appliance node x-vmw-nsx-module: ShaApplianceMonitor ApplianceProcessListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Display the appliance process list. items: $ref: '#/definitions/ApplianceProcessData' title: |- Appliance Process List type: array type: object x-vmw-nsx-module: ShaApplianceMonitor description: |- List of process data title: |- List of process data x-vmw-nsx-module: ShaApplianceMonitor ApplicationConnectivityStrategy: description: | Allows more granular policies for application workloads properties: application_connectivity_strategy: description: | App connectivity strategies enum: - ALLOW_INTRA - ALLOW_EGRESS - ALLOW_INGRESS - DROP_INGRESS - DROP_EGRESS title: |- Application connectivity strategy type: string default_application_rule_id: description: | Based on the value of the app connectivity strategy, a default rule is created for the security policy. The rule id is internally assigned by the system for this default rule. format: int64 readOnly: true title: |- Default rule ID associated with the application_connectivity_strategy type: integer logging_enabled: default: false description: |- Flag to enable packet logging. Default is disabled. readOnly: false title: |- Enable logging flag type: boolean required: - application_connectivity_strategy title: |- Application specific connectivity strategy type: object x-vmw-nsx-module: Policy ArpHeader: properties: dst_ip: description: |- The destination IP address format: ipv4 type: string op_code: default: ARP_REQUEST description: |- This field specifies the nature of the Arp message being sent. enum: - ARP_REQUEST - ARP_REPLY title: |- Arp message type type: string src_ip: description: |- This field specifies the IP address of the sender. If omitted, the src_ip is set to 0.0.0.0. format: ipv4 type: string required: - op_code - dst_ip type: object x-vmw-nsx-module: Traceflow ArpSnoopingConfig: description: |- Contains ARP snooping related configuration. properties: arp_binding_limit: default: 1 description: | Number of arp snooped IP addresses Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached. format: int32 maximum: 256 minimum: 1 title: |- Maximum number of ARP bindings type: integer arp_snooping_enabled: default: true description: |- Indicates whether ARP snooping is enabled title: |- Is ARP snooping enabled or not type: boolean title: |- ARP Snooping Configuration type: object x-vmw-nsx-module: PolicyIpDiscovery AssignedByDhcp: allOf: - $ref: '#/definitions/IpAssignmentSpec' - type: object x-vmw-nsx-module: TransportNode description: |- This type can be specified in ip assignment spec of host switch if DHCP based IP assignment is desired for host switch virtual tunnel endpoints. title: |- DHCP based IP assignment. x-vmw-nsx-module: TransportNode AttachedInterfaceEntry: description: | The Attached interface is only effective for the segment port on Bare metal server. properties: app_intf_name: description: |- The name of application interface title: |- The name of application interface type: string default_gateway: description: |- Gateway IP format: ip type: string migrate_intf: description: |- IP configuration on migrate_intf will migrate to app_intf_name. It is used for Management and Application sharing the same IP. title: |- Interface name to migrate type: string routing_table: description: |- Routing rules items: type: string title: |- Routing rules type: array required: - app_intf_name title: |- Attached interface information for Bare metal server type: object x-vmw-nsx-module: PolicyConnectivity Attribute: description: |- Attribute specific to a partner. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. The Attributes used by the partner applicance. properties: attribute_type: description: |- Attribute Type can be of any of the allowed enum type. enum: - IP_ADDRESS - PORT - PASSWORD - STRING - LONG - BOOLEAN readOnly: false title: |- Attributetype. type: string display_name: description: |- Attribute display name string value. readOnly: false title: |- Display name type: string key: description: |- Attribute key string value. readOnly: false title: |- key type: string read_only: default: false description: |- Read only Attribute cannot be overdidden by service instance/deployment. readOnly: false title: |- read only type: boolean value: description: |- Attribute value string value. readOnly: false title: |- value type: string required: - key title: |- Attributes type: object x-vmw-nsx-module: ServiceInsertionCommonTypes AttributeVal: description: |- Contains type specific properties of generic realized entity properties: data_type: description: |- Datatype of the property enum: - STRING - DATE - INTEGER - BOOLEAN readOnly: true title: |- Datatype of property represented by this attribute type: string key: description: |- Attribute key title: |- Key for the attribute value type: string multivalue: description: |- If attribute has a single value or collection of values readOnly: true title: |- multivalue flag type: boolean values: description: |- List of attribute values items: type: string readOnly: true title: |- List of values for the attribute type: array title: |- Attribute values of realized type type: object x-vmw-nsx-module: PolicyRealizedState AutoRds: description: |- This object holds auto assigned route distinguishers for Layer 2 and Layer 3 configurations. properties: l2_auto_rds: description: |- List of layer 2 Auto assigned Route Distinguisher items: $ref: '#/definitions/L2AutoRD' title: |- List of layer 2 Auto assigned Route Distinguisher type: array l3_auto_rd: description: | This field is auto assigned by the system. The auto RD seed is populated when user does not assign a route_distinguisher field in the gateway. title: |- Layer 3 Auto assigned Route Distinguisher type: string title: |- Auto assigned Route Distinguishers type: object x-vmw-nsx-module: PolicyConnectivityStatistics AviConnectionInfo: allOf: - $ref: '#/definitions/EnforcementPointConnectionInfo' - properties: cloud: description: | Clouds are containers for the environment that Avi Vantage is installed or operating within. During initial setup of Vantage, a default cloud, named Default-Cloud, is created. This is where the first Controller is deployed, into Default-Cloud. Additional clouds may be added, containing SEs and virtual services. This is a deprecated property. Cloud has been renamed to cloud_name and it will added from specific ALB entity. title: |- Cloud type: string x-deprecated: true expires_at: description: | Expiry time of the token will be set by LCM at the time of Enforcement Point Creation. title: |- Expiry time of the token type: string managed_by: description: | Managed by used when on-borading workflow created by LCM/VCF. title: |- Managed by used when on-borading workflow created by LCM/VCF. type: string password: description: |- Password or Token for Avi Controller. title: |- Password or Token for Avi Controller type: string tenant: description: | A tenant is an isolated instance of Avi Controller. Each Avi user account is associated with one or more tenants. The tenant associated with a user account defines the resources that user can access within Avi Vantage. When a user logs in, Avi restricts their access to only those resources that are in the same tenant title: |- Tenant type: string thumbprint: description: | Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX. title: |- Thumbprint of Enforcement Point type: string username: description: |- Username. title: |- Username type: string version: description: | Avi supports API versioning for backward compatibility with automation scripts written for an object model older than the current one. Such scripts need not be updated to keep up with object model changes This is a deprecated property. The version is now auto populated from property file and its value can be read using APIs title: |- Version type: string x-deprecated: true required: - tenant type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Credential info to connect to a AVI type of enforcement point. title: |- Avi Connection Info x-vmw-nsx-module: PolicyEnforcementPointManagement Axes: description: |- Represents X and Y axes of a graph. For a multi-graph, the same axes are shared by all the graphs. properties: x_label: $ref: '#/definitions/Label' x_labels: description: |- A list of X-Axis Labels with condition support. If needed, this property can be used to provide a list of x-axis label with condition support. For a label with single condition,'x-label' property can be used. items: $ref: '#/definitions/Label' minItems: 0 title: |- A list of X-Axis Labels with condition support. type: array y_axis_unit_labels: description: |- A list of Y-Axis unit Labels with condition support. If needed, this property can be used to provide a list of y-axis unit label with condition support. This unit label can be used to display the point value along with units like percentage, milliseconds etc. items: $ref: '#/definitions/Label' minItems: 0 title: |- A list of Y-Axis unit Labels with condition support. type: array y_axis_units: description: |- A list of Y-Axis unit with condition support. If needed, this property can be used to provide a list of y-axis unit with condition support. This unit could be like percentage, seconds, milliseconds etc. items: $ref: '#/definitions/AxisUnit' minItems: 0 title: |- A list of Y-Axis unit with condition support. type: array y_label: $ref: '#/definitions/Label' y_labels: description: |- A list of Y-Axis Labels with condition support. If needed, this property can be used to provide a list of y-axis label with condition support. For a label with single condition,'y-label' property can be used. items: $ref: '#/definitions/Label' minItems: 0 title: |- A list of Y-Axis Labels with condition support. type: array title: |- Axes of a graph type: object x-vmw-nsx-module: NsxDashboard AxisUnit: description: |- Represents X and Y axis unit of a graph. properties: condition: description: |- If the condition is met then the above unit will be displayed. to UI. If no condition is provided, then the unit will be displayed unconditionally. maxLength: 1024 title: |- Expression for evaluating condition type: string unit: description: |- An Axis unit. enum: - COUNT - PERCENT - BYTES - MILLISECONDS - SECONDS - MINUTE - HOUR - DAY - KILO_BYTES - MEGA_BYTES - GIGA_BYTES title: |- An Axis unit. type: string title: |- Axis unit of a graph type: object x-vmw-nsx-module: NsxDashboard BFDDiagnosticCount: properties: administratively_down_count: description: |- Number of tunnels with administratively down diagnostic message format: int64 title: |- Number of tunnels with administratively message type: integer concatenated_path_down_count: description: |- Number of tunnels with concatenated path down diagnostic message format: int64 title: |- Number of tunnels with concatenated message type: integer control_detection_time_expired_count: description: |- Number of tunnels with control detection time expired diagnostic message format: int64 title: |- Number of tunnels with expired message type: integer echo_function_failed_count: description: |- Number of tunnels with echo function failed diagnostic message format: int64 title: |- Number of tunnels with failed message type: integer forwarding_plane_reset_count: description: |- Number of tunnels with forwarding plane reset diagnostic message format: int64 title: |- Number of tunnels with reset message type: integer neighbor_signaled_session_down_count: description: |- Number of tunnels neighbor signaled session down format: int64 title: |- Number of tunnels neighbor signaled session down type: integer no_diagnostic_count: description: |- Number of tunnels with no diagnostic format: int64 title: |- Number of tunnels with no diagnostic type: integer path_down_count: description: |- Number of tunnels with path down diagnostic message format: int64 title: |- Number of tunnels with path down message type: integer reverse_concatenated_path_down_count: description: |- Number of tunnels with reverse concatenated path down diagnostic message format: int64 title: |- Number of tunnels with reverse message type: integer type: object x-vmw-nsx-module: Heatmap BFDProperties: description: |- BFD information properties: active: description: |- True if tunnel is active in a gateway HA setup readOnly: true title: |- True if tunnel is active in a gateway HA setup type: boolean diagnostic: description: |- A short message indicating what the BFD session thinks is wrong in case of a problem readOnly: true title: |- Diagnostic message of a problem type: string forwarding: description: |- True if the BFD session believes this interface may be used to forward traffic readOnly: true title: |- True if the BFD session believes this interface may be used to forward traffic type: boolean remote_diagnostic: description: |- A short message indicating what the remote interface's BFD session thinks is wrong in case of a problem readOnly: true title: |- Diagnostic message of a problem type: string remote_state: description: |- State of the remote interface's BFD session enum: - UNKNOWN_STATE - ADMIN_DOWN - DOWN - INIT - UP readOnly: true title: |- State of the remote interface's BFD session type: string state: description: |- State of the BFD session enum: - UNKNOWN_STATE - ADMIN_DOWN - DOWN - INIT - UP readOnly: true title: |- State of the BFD session type: string title: |- BFD information type: object x-vmw-nsx-module: Tunnel BFDStatusCount: properties: bfd_admin_down_count: description: |- Number of tunnels in BFD admin down state format: int32 title: |- Number of tunnels in BFD admin down state type: integer bfd_down_count: description: |- Number of tunnels in BFD down state format: int32 title: |- Number of tunnels in BFD down state type: integer bfd_init_count: description: |- Number of tunnels in BFD init state format: int32 title: |- Number of tunnels in BFD init state type: integer bfd_up_count: description: |- Number of tunnels in BFD up state format: int32 title: |- Number of tunnels in BFD up state type: integer type: object x-vmw-nsx-module: Heatmap BackupConfiguration: description: |- Configuration for taking manual/automated backup properties: after_inventory_update_interval: description: |- A number of seconds after a last backup, that needs to pass, before a topology change will trigger a generation of a new cluster/node backups. If parameter is not provided, then changes in a topology will not trigger a generation of cluster/node backups. format: int64 maximum: 86400 minimum: 300 title: |- A number of seconds after a last backup, that needs to pass, before a topology change will trigger a generation of a new cluster/node backups. If parameter is not provided, then changes in a topology will not trigger a generation of cluster/node backups. type: integer backup_enabled: default: false description: |- true if automated backup is enabled title: |- true if automated backup is enabled type: boolean backup_schedule: $ref: '#/definitions/BackupSchedule' inventory_summary_interval: default: 240 description: |- The minimum number of seconds between each upload of the inventory summary to backup server. format: int64 maximum: 3600 minimum: 30 title: |- The minimum number of seconds between each upload of the inventory summary to backup server. type: integer passphrase: description: | Passphrase used to encrypt backup files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (any other non-space character). title: |- Passphrase used to encrypt backup files. type: string remote_file_server: $ref: '#/definitions/RemoteFileServer' title: |- Configuration for taking manual/automated backup type: object x-vmw-nsx-module: BackupConfiguration BackupOperationHistory: description: |- Past backup operation details properties: cluster_backup_statuses: description: |- Statuses of previous cluser backups items: $ref: '#/definitions/BackupOperationStatus' title: |- Statuses of previous cluser backups type: array inventory_backup_statuses: description: |- Statuses of previous inventory backups items: $ref: '#/definitions/BackupOperationStatus' title: |- Statuses of previous inventory backups type: array node_backup_statuses: description: |- Statuses of previous node backups items: $ref: '#/definitions/BackupOperationStatus' title: |- Statuses of previous node backups type: array title: |- Past backup operation details type: object x-vmw-nsx-module: BackupConfiguration BackupOperationStatus: description: |- Backup operation status properties: backup_id: description: |- Unique identifier of a backup title: |- Unique identifier of a backup type: string end_time: description: |- Time when operation was ended format: int64 type: integer error_code: description: |- Error code enum: - BACKUP_NOT_RUN_ON_MASTER - BACKUP_SERVER_UNREACHABLE - BACKUP_AUTHENTICATION_FAILURE - BACKUP_PERMISSION_ERROR - BACKUP_TIMEOUT - BACKUP_BAD_FINGERPRINT - BACKUP_GENERIC_ERROR - UPGRADE_IN_PROGRESS title: |- Error code type: string error_message: description: |- Error code details title: |- Error code details type: string start_time: description: |- Time when operation was started format: int64 type: integer success: description: |- True if backup is successfully completed, else false title: |- True if backup is successfully completed, else false type: boolean required: - backup_id - success title: |- Backup operation status type: object x-vmw-nsx-module: BackupConfiguration BackupOverview: allOf: - $ref: '#/definitions/ClusterBackupInfoListResult' - properties: backup_config: $ref: '#/definitions/BackupConfiguration' backup_operation_history: $ref: '#/definitions/BackupOperationHistory' current_backup_operation_status: $ref: '#/definitions/CurrentBackupOperationStatus' restore_status: $ref: '#/definitions/ClusterRestoreStatus' required: - current_backup_operation_status - backup_operation_history - backup_config - restore_status type: object x-vmw-nsx-module: BackupConfiguration description: |- Data for a single backup/restore card title: |- Backup overview x-vmw-nsx-module: BackupConfiguration BackupSchedule: description: |- Abstract base type for Weekly or Interval Backup Schedule discriminator: resource_type properties: resource_type: description: |- Schedule type enum: - WeeklyBackupSchedule - IntervalBackupSchedule title: |- Schedule type type: string required: - resource_type title: |- Abstract base type for Weekly or Interval Backup Schedule type: object x-vmw-nsx-module: BackupConfiguration BaseConsolidatedStatusPerEnforcementPoint: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: consolidated_status: $ref: '#/definitions/ConsolidatedStatus' enforcement_point_id: description: |- Enforcement Point Id. readOnly: true title: |- Enforcement Point Id type: string resource_type: type: string site_path: description: |- The site where this enforcement point resides. readOnly: true title: |- Site Path type: string required: - resource_type type: object x-vmw-nsx-module: PolicyRealizedState description: | Consolidated Realized Status Per Enforcement Point. title: |- Base class for ConsolidatedStatusPerEnforcementPoint x-vmw-nsx-module: PolicyRealizedState BaseEndpoint: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: resource_type: enum: - VirtualEndpoint - ServiceInstanceEndpoint type: string target_ips: description: | IPs where either inbound or outbound traffic is to be redirected. items: $ref: '#/definitions/IPInfo' maxItems: 1 minItems: 1 title: |- IP addresses to redirect the traffic to type: array required: - target_ips - resource_type type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Represents an endpoint which will be used as subject in rule. It is a polymorphic type object which can be either of the types - 1. Virtual 2. Logical We have 2 separate objects representing these 2 types. VirtualEndPoint for Virtual type and ServiceInstanceEndpoint for Logical. title: |- An endpoint to be used in redirection rule x-vmw-nsx-module: PolicyServiceInsertion BasePktCapResource: discriminator: resource_type properties: resource_type: description: |- Type of packet capture resource title: |- Type of packet capture resource type: string required: - resource_type type: object x-vmw-nsx-module: LiveTrace BasePolicyServiceInstance: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: deployment_mode: default: ACTIVE_STANDBY description: |- Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode. enum: - STAND_ALONE - ACTIVE_STANDBY readOnly: false title: |- Deployment Mode type: string partner_service_name: description: |- Unique name of Partner Service in the Marketplace title: |- Name of Partner Service type: string transport_type: default: L2_BRIDGE description: |- Transport to be used while deploying Service-VM. enum: - L2_BRIDGE - L3_ROUTED readOnly: false title: |- Transport Type type: string required: - partner_service_name type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Represents an instance of partner Service and its configuration. title: |- Represents an instance of partner Service and its configuration x-vmw-nsx-module: PolicyServiceInsertion BaseRule: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: destination_groups: description: | We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. items: type: string maxItems: 128 title: |- Destination group paths type: array destinations_excluded: default: false description: | If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups readOnly: false title: |- Negation of destination groups type: boolean direction: default: IN_OUT description: | Define direction of traffic. enum: - IN - OUT - IN_OUT title: |- Direction type: string disabled: default: false description: |- Flag to disable the rule. Default is enabled. readOnly: false title: |- Flag to disable the rule type: boolean ip_protocol: description: | Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null. enum: - IPV4 - IPV6 - IPV4_IPV6 readOnly: false title: |- IPv4 vs IPv6 packet type type: string is_default: description: |- A flag to indicate whether rule is a default rule. readOnly: true title: |- Default rule flag type: boolean logged: default: false description: |- Flag to enable packet logging. Default is disabled. readOnly: false title: |- Enable logging flag type: boolean notes: description: |- Text for additional notes on changes. maxLength: 2048 readOnly: false title: |- Text for additional notes on changes type: string profiles: description: | Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed. items: type: string maxItems: 128 title: |- Layer 7 service profiles or TLS action profile type: array rule_id: description: "This is a unique 4 byte positive number that is assigned by\ \ the system. \nThis rule id is passed all the way down to the data path.\ \ The first 1GB\n(1000 to 2^30) will be shared by GM and LM with zebra\ \ style striped\nnumber space. For E.g 1000 to (1Million -1) by LM, (1M\ \ - 2M-1) by GM\nand so on.\n" format: int64 readOnly: true title: |- Unique rule ID type: integer scope: description: | The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs. items: type: string maxItems: 128 type: array sequence_number: description: | This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number format: int32 minimum: 0 title: |- Sequence number of the this Rule type: integer service_entries: description: | In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null. items: $ref: '#/definitions/ServiceEntry' maxItems: 128 title: |- Raw services type: array services: description: | In order to specify all services, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values. items: type: string maxItems: 128 title: |- Names of services type: array source_groups: description: | We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. items: type: string maxItems: 128 title: |- Source group paths type: array sources_excluded: default: false description: | If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups readOnly: false title: |- Negation of source groups type: boolean tag: description: | User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters. title: |- Tag applied on the rule type: string type: object x-vmw-nsx-module: Policy description: |- A rule indicates the action to be performed for various types of traffic flowing between workload groups. title: |- A rule represent base properties for ,dfw, forwarding, redirection rule x-vmw-nsx-module: Policy BaseRuleListResult: allOf: - $ref: '#/definitions/ListResult' - type: object x-vmw-nsx-module: Policy description: |- Paged Collection of Rules title: |- Paged Collection of Rules x-vmw-nsx-module: Policy BaseTier0Interface: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: dhcp_relay_path: description: | Policy path of dhcp-relay-config to be attached to this Interface. title: |- policy path of referenced dhcp-relay-config type: string subnets: description: | Specify IP address and network prefix for interface. items: $ref: '#/definitions/InterfaceSubnet' minItems: 1 title: |- IP address and subnet specification for interface type: array required: - subnets type: object x-vmw-nsx-module: PolicyConnectivity description: |- Tier-0 interface configuration for external connectivity. title: |- Tier-0 interface configuration x-vmw-nsx-module: PolicyConnectivity BatchRequest: description: |- A set of operations to be performed in a single batch properties: continue_on_error: default: true description: |- Continue even if an error is encountered. type: boolean requests: items: $ref: '#/definitions/BatchRequestItem' type: array title: |- A set of operations to be performed in a single batch type: object x-vmw-nsx-module: Common BatchRequestItem: description: |- A single request within a batch of operations properties: body: type: object method: description: |- http method type enum: - GET - POST - PUT - DELETE - PATCH title: |- method type(POST/PUT/DELETE/UPDATE) type: string uri: description: |- relative uri (path and args), of the call including resource id (if this is a POST/DELETE), exclude hostname and port and prefix, exploded form of parameters title: |- Internal uri of the call type: string required: - uri - method title: |- A single request within a batch of operations type: object x-vmw-nsx-module: Common BatchResponse: description: |- The reponse to a batch operation properties: has_errors: description: |- Indicates if any of the APIs failed title: |- errors indicator type: boolean results: description: |- Bulk list results items: $ref: '#/definitions/BatchResponseItem' title: |- Bulk list results type: array rolled_back: description: |- Optional flag indicating that all items were rolled back even if succeeded initially title: |- indicates if all items were rolled back. type: boolean required: - results title: |- The reponse to a batch operation type: object x-vmw-nsx-module: Common BatchResponseItem: description: |- A single respose in a list of batched responses properties: body: description: |- object returned by api title: |- object returned by api type: object code: description: |- http status code format: int64 title: |- object returned by api type: integer headers: description: |- The headers returned by the API call title: |- object returned by api type: object required: - code title: |- A single respose in a list of batched responses type: object x-vmw-nsx-module: Common BfdHealthMonitoringConfig: description: | Bfd Health Monitoring Options used specific to BFD Transport Zone profiles properties: enabled: description: |- Whether the heartbeat is enabled. A PATCH or PUT request with "enabled" false (with no probe intervals) will set or reset the probe_interval to their default value. title: |- Whether the heartbeat is enabled. A PATCH or PUT request with "enabled" false (with no probe intervals) will set or reset the probe_interval to their default value. type: boolean latency_enabled: description: |- The flag is to turn on/off latency. A PATCH or PUT request with "latency_enabled" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI. title: |- Whether the latency is enabled. type: boolean probe_interval: default: 1000 description: |- The time interval (in millisec) between probe packets for tunnels between transport nodes. format: int64 minimum: 300 title: |- The time interval (in millisec) between probe packets for tunnels between transport nodes. type: integer required: - enabled title: |- Bfd Health Monitoring Options type: object x-vmw-nsx-module: PolicyTransportZoneProfile BfdProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: interval: default: 500 description: | Time interval between heartbeat packets in milliseconds. format: int32 maximum: 60000 minimum: 50 title: |- Time interval between heartbeat packets in milliseconds type: integer multiple: default: 3 description: | Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down. format: int32 maximum: 16 minimum: 2 title: |- Declare dead multiple type: integer type: object x-vmw-nsx-module: PolicyConnectivity description: |- Bidirectional Forwarding Detection configuration for BGP peers title: |- Bidirectional Forwarding Detection configuration for BGP peers x-vmw-nsx-module: PolicyConnectivity BfdProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Bfd Profile list results. items: $ref: '#/definitions/BfdProfile' title: |- Bfd Profile List Results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged Collection of BfdProfile. title: |- Paged Collection of BfdProfile x-vmw-nsx-module: PolicyConnectivity BgpAddressFamily: properties: in_prefix_count: description: |- Count of in prefixes format: int64 readOnly: true title: |- Count of in prefixes type: integer out_prefix_count: description: |- Count of out prefixes format: int64 readOnly: true title: |- Count of out prefixes type: integer type: description: |- BGP address family type enum: - IPV4_UNICAST - VPNV4_UNICAST - IPV6_UNICAST - L2VPN_EVPN readOnly: true title: |- BGP address family type type: string type: object x-vmw-nsx-module: AggSvcLogicalRouter BgpBfdConfig: description: |- BFD configuration for BGP peers properties: enabled: default: false description: |- Flag to enable BFD cofiguration. title: |- Flag to enable BFD cofiguration type: boolean interval: default: 500 description: | Time interval between heartbeat packets in milliseconds. format: int32 maximum: 60000 minimum: 50 title: |- Time interval between heartbeat packets in milliseconds type: integer multiple: default: 3 description: | Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down. format: int32 maximum: 16 minimum: 2 title: |- Declare dead multiple type: integer title: |- BFD configuration for BGP peers type: object x-vmw-nsx-module: PolicyConnectivity BgpGracefulRestartConfig: description: |- Configuration field to hold BGP restart mode and timer. properties: mode: default: HELPER_ONLY description: | If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers. enum: - DISABLE - GR_AND_HELPER - HELPER_ONLY title: |- BGP Graceful Restart Configuration Mode type: string timer: $ref: '#/definitions/BgpGracefulRestartTimer' title: |- BGP Graceful Restart Configuration type: object x-vmw-nsx-module: PolicyConnectivity BgpGracefulRestartTimer: description: |- Configuration field to hold BGP restart timers properties: restart_timer: default: 180 description: | Maximum time taken (in seconds) for a BGP session to be established after a restart. This can be used to speed up routing convergence by its peer in case the BGP speaker does not come back up after a restart. If the session is not re-established within this timer, the receiving speaker will delete all the stale routes from that peer. format: int64 maximum: 3600 minimum: 1 title: |- BGP Graceful Restart Timer type: integer stale_route_timer: default: 600 description: | Maximum time (in seconds) before stale routes are removed from the RIB (Routing Information Base) when BGP restarts. format: int64 maximum: 3600 minimum: 1 title: |- BGP Stale Route Timer type: integer title: |- BGP Graceful Restart Timers type: object x-vmw-nsx-module: PolicyConnectivity BgpNeighborConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: allow_as_in: default: false description: |- Flag to enable allowas_in option for BGP neighbor title: |- Flag to enable allowas_in option for BGP neighbor type: boolean bfd: $ref: '#/definitions/BgpBfdConfig' graceful_restart_mode: description: | If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers. enum: - DISABLE - GR_AND_HELPER - HELPER_ONLY title: |- BGP Graceful Restart Configuration Mode type: string hold_down_time: default: 180 description: | Wait time in seconds before declaring peer dead. format: int32 maximum: 65535 minimum: 1 title: |- Wait time in seconds before declaring peer dead type: integer in_route_filters: description: | Specify path of prefix-list or route map to filter routes for IN direction. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error. items: type: string maxItems: 1 title: |- Prefix-list or route map path for IN direction type: array x-deprecated: true keep_alive_time: default: 60 description: | Interval (in seconds) between keep alive messages sent to peer. format: int32 maximum: 65535 minimum: 1 title: |- Interval between keep alive messages sent to peer type: integer maximum_hop_limit: default: 1 description: | Maximum number of hops allowed to reach BGP neighbor. format: int32 maximum: 255 minimum: 1 title: |- Maximum number of hops allowed to reach BGP neighbor type: integer neighbor_address: description: |- Neighbor IP Address format: ip type: string out_route_filters: description: | Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error. items: type: string maxItems: 1 title: |- Prefix-list or route map path for OUT direction type: array x-deprecated: true password: description: | Specify password for BGP neighbor authentication. Empty string ("") clears existing password. maxLength: 32 minLength: 0 title: |- Password type: string remote_as_num: description: |- 4 Byte ASN of the neighbor in ASPLAIN Format title: |- 4 Byte ASN of the neighbor in ASPLAIN Format type: string route_filtering: description: | Enable address families and route filtering in each direction. items: $ref: '#/definitions/BgpRouteFiltering' maxItems: 2 title: |- Enable address families and route filtering in each direction type: array source_addresses: description: | Source addresses should belong to Tier0 external or loopback interface IP Addresses . BGP peering is formed from all these addresses. This property is mandatory when maximum_hop_limit is greater than 1. items: description: |- IPv4 or IPv6 address format: ip type: string maxItems: 8 title: |- Source IP Addresses for BGP peering type: array required: - remote_as_num - neighbor_address type: object x-vmw-nsx-module: PolicyConnectivity description: | Contains information necessary to configure a BGP neighbor. title: |- BGP neighbor config x-vmw-nsx-module: PolicyConnectivity BgpNeighborConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- BGP neighbor configs list results items: $ref: '#/definitions/BgpNeighborConfig' title: |- BGP neighbor configs list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of BGP Neighbor Configs title: |- Paged collection of BGP Neighbor Configs x-vmw-nsx-module: PolicyConnectivity BgpNeighborRouteDetailsCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: as_path: description: |- BGP AS path attribute. readOnly: true title: |- AS path type: string local_pref: description: |- BGP Local Preference attribute. format: int64 readOnly: true title: |- Local preference type: integer logical_router_id: description: |- Logical router id readOnly: true title: |- Logical router id type: string med: description: |- BGP Multi Exit Discriminator attribute. format: int64 readOnly: true title: |- Multi Exit Discriminator type: integer neighbor_address: description: |- BGP neighbor peer IP address. format: ip readOnly: true type: string neighbor_id: description: |- BGP neighbor id readOnly: true title: |- BGP neighbor id type: string network: description: |- CIDR network address. format: ip-cidr-block readOnly: true type: string next_hop: description: |- Next hop IP address. format: ip readOnly: true type: string source_address: description: |- BGP neighbor source address. format: ip readOnly: true type: string transport_node_id: description: |- Transport node id readOnly: true title: |- Transport node id type: string weight: description: |- BGP Weight attribute. format: int64 readOnly: true title: |- Weight type: integer type: object x-vmw-nsx-module: AggSvcLogicalRouter description: |- BGP neighbor learned/advertised route details. title: |- BGP neighbor route details x-vmw-nsx-module: AggSvcLogicalRouter BgpNeighborRouteDetailsInCsvFormat: allOf: - $ref: '#/definitions/CsvListResult' - properties: results: items: $ref: '#/definitions/BgpNeighborRouteDetailsCsvRecord' type: array type: object x-vmw-nsx-module: AggSvcLogicalRouter x-vmw-nsx-module: AggSvcLogicalRouter BgpNeighborRoutes: description: |- BGP neighbor learned/advertised route details. properties: edge_node_routes: description: | Array of BGP neighbor route details per edge node. items: $ref: '#/definitions/RoutesPerTransportNode' readOnly: true title: |- Route details per transport node type: array egde_node_routes: description: | Array of BGP neighbor route details per edge node. items: $ref: '#/definitions/RoutesPerTransportNode' readOnly: true title: |- Route details per transport node type: array x-deprecated: true enforcement_point_path: description: |- Enforcement point policy path readOnly: true title: |- Enforcement point policy path type: string neighbor_path: description: |- BGP neighbor policy path readOnly: true title: |- BGP neighbor policy path type: string title: |- BGP neighbor route details type: object x-vmw-nsx-module: PolicyConnectivityStatistics BgpNeighborRoutesListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of Bgp neighbor routes. items: $ref: '#/definitions/BgpNeighborRoutes' title: |- Paged Collection of Bgp neighbor routes type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics BgpRouteFiltering: description: |- Enable address_families and route filtering in each direction properties: address_family: description: |- Address family type. If not configured, this property automatically derived for IPv4 & IPv6 peer configuration. enum: - IPV4 - IPV6 - L2VPN_EVPN title: |- Address family type type: string enabled: default: true description: |- Flag to enable address family. title: |- Enable address family type: boolean in_route_filters: description: | Specify path of prefix-list or route map to filter routes for IN direction. items: type: string maxItems: 1 title: |- Prefix-list or route map path for IN direction type: array maximum_routes: description: | Maximum number of routes for the address family. format: int32 maximum: 1000000 minimum: 1 title: |- Maximum number of routes for the address family type: integer out_route_filters: description: | Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied. items: type: string maxItems: 1 title: |- Prefix-list or route map path for OUT direction type: array title: |- Enable address_families and route filtering in each direction type: object x-vmw-nsx-module: PolicyConnectivity BgpRoutingConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ecmp: description: | Flag to enable ECMP. title: |- Flag to enable ECMP type: boolean enabled: description: | Flag to enable BGP configuration. Disabling will stop feature and BGP peering. title: |- Flag to enable BGP configuration type: boolean graceful_restart: description: | Flag to enable graceful restart. This field is deprecated, please use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other (i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER) then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown. title: |- Flag to enable graceful restart type: boolean x-deprecated: true graceful_restart_config: $ref: '#/definitions/BgpGracefulRestartConfig' inter_sr_ibgp: description: | Flag to enable inter SR IBGP configuration. When not specified, inter SR IBGP is automatically enabled if Tier-0 is created in ACTIVE_ACTIVE ha_mode. title: |- Enable inter SR IBGP configuration type: boolean local_as_num: description: | Specify BGP AS number for Tier-0 to advertize to BGP peers. AS number can be specified in ASPLAIN (e.g., "65546") or ASDOT (e.g., "1.10") format. Empty string disables BGP feature. It is required by normal tier0 but not required in vrf tier0. title: |- BGP AS number in ASPLAIN/ASDOT Format type: string multipath_relax: description: |- Flag to enable BGP multipath relax option. title: |- Flag to enable BGP multipath relax option type: boolean route_aggregations: description: | List of routes to be aggregated. items: $ref: '#/definitions/RouteAggregationEntry' maxItems: 1000 title: |- List of routes to be aggregated type: array type: object x-vmw-nsx-module: PolicyConnectivity description: | Contains BGP routing configuration. title: |- BGP routing config x-vmw-nsx-module: PolicyConnectivity BinaryPacketData: allOf: - $ref: '#/definitions/PacketData' - properties: payload: description: |- Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload must contain all headers (Ethernet, IP, etc). Note that VLAN is not supported in the logical space. Hence, payload must not contain 802.1Q headers. maxLength: 1336 title: |- RFC3548 compatible base64 encoded full payload type: string type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow BridgeEndpointStatistics: allOf: - $ref: '#/definitions/AggregatedDataCounter' - properties: endpoint_id: description: |- The id of the bridge endpoint readOnly: true title: |- The id of the bridge endpoint type: string last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer type: object x-vmw-nsx-module: AggSvcBridging x-vmw-nsx-module: AggSvcBridging BridgeEndpointStatus: properties: active_nodes: description: |- The Ids of the transport nodes which actively serve the endpoint. items: type: string readOnly: true title: |- The Ids of the transport nodes which actively serve the endpoint. type: array endpoint_id: description: |- The id of the bridge endpoint readOnly: true title: |- The id of the bridge endpoint type: string last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer type: object x-vmw-nsx-module: AggSvcBridging BridgeProfileConfig: description: |- configuration parameters for Bridge Profile properties: bridge_profile_path: description: |- Same bridge profile can be configured on different segments. Each bridge profile on a segment must unique. title: |- Policy path to L2 Bridge profile type: string uplink_teaming_policy_name: description: |- The name of the switching uplink teaming policy for the bridge endpoint. This name corresponds to one fot he switching uplink teaming policy names listed in teh transport zone. When this property is not specified, the teaming policy is assigned by MP. title: |- Uplink Teaming Policy Name type: string vlan_ids: description: |- VLAN specification for bridge endpoint. Either VLAN ID or VLAN ranges can be specified. Not both. items: type: string title: |- VLAN IDs type: array vlan_transport_zone_path: description: |- VLAN transport zone should belong to the enforcment-point as the transport zone specified in the segment. title: |- Policy path to VLAN Transport Zone type: string required: - vlan_transport_zone_path - bridge_profile_path title: |- Bridge Profile Configuration type: object x-vmw-nsx-module: PolicyConnectivity ByodPolicyServiceInstance: allOf: - $ref: '#/definitions/BasePolicyServiceInstance' - type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Represents an instance of partner's service whose wiring will be done by partner itself. As partner does all the wiring, we call it as Byod - Bring your own device. title: |- Represents instance of self wiring partner's service x-vmw-nsx-module: PolicyServiceInsertion ByodPolicyServiceInstanceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Byod Service instance list results items: $ref: '#/definitions/ByodPolicyServiceInstance' title: |- Byod Service instance list results type: array required: - results type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Collection of only Byod SI objects title: |- Collection of only Byod SI objects x-vmw-nsx-module: PolicyServiceInsertion CaBundle: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: certificates: description: |- X509Certificates in the bundle items: $ref: '#/definitions/X509Certificate' readOnly: true type: array earliest_not_after: description: |- The earliest time in epoch milliseconds at which a certificate becomes invalid. format: int64 readOnly: true type: integer not_after_list: description: |- Times for each certificate in the bundle at which the certificate becomes invalid. items: description: |- Timestamp in milliseconds since epoch format: int64 type: integer readOnly: true type: array pem_encoded: description: |- PEM-encoded CA bundle certificates. readOnly: false type: string required: - pem_encoded type: object x-vmw-nsx-module: PolicyCertificate description: |- CA certificates bundle title: |- CA certificates bundle x-vmw-nsx-module: PolicyCertificate CaBundleListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- CA bundles list. items: $ref: '#/definitions/CaBundle' type: array required: - results type: object x-vmw-nsx-module: PolicyCertificate description: |- CA Bundle query result title: |- CA Bundle query result x-vmw-nsx-module: PolicyCertificate CapacityDashboardUsage: properties: current_usage_count: description: | Indicate the current usage count of object type. format: int64 title: |- Current usage count of object type type: integer current_usage_percentage: description: | Current usage percentage for object type title: |- Current usage percentage type: number display_name: description: | Display name for NSX object type. title: |- User friendly name for object type type: string max_supported_count: description: | This is the maximum supported count for object type in consideration. format: int64 title: |- Maximum supported count for object type type: integer max_threshold_percentage: description: | This indicates the maximum threshold percentage for object type. title: |- Max threshold percentage for object type type: number min_threshold_percentage: description: | This indicates the minimum threshold percentage for object type. title: |- Min threshold percentage for object type type: number severity: description: | Severity calculated from percentage usage enum: - INFO - WARNING - CRITICAL - ERROR title: |- Severity calculated from percentage usage type: string usage_type: description: | Indicate the object type for which usage is calculated. title: |- Object type for which usage is fetched type: string required: - current_usage_count - max_threshold_percentage - display_name - severity - min_threshold_percentage - current_usage_percentage - max_supported_count - usage_type type: object x-vmw-nsx-module: CapacityDashboard CapacityThreshold: properties: max_threshold_percentage: description: | Set the maximum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as critical. maximum: 100 minimum: 0 title: |- Maximum threshold percentage type: number min_threshold_percentage: description: | Set the minimum threshold percentage. Specify a value between 0 and 100. Usage percentage above this value is tagged as warning. maximum: 100 minimum: 0 title: |- Minimum threshold percentage type: number threshold_type: description: | Indicate the object type for which threshold is to be set. title: |- Object type for which threshold is to be set type: string required: - max_threshold_percentage - threshold_type - min_threshold_percentage type: object x-vmw-nsx-module: CapacityDashboard CapacityThresholdList: allOf: - $ref: '#/definitions/ManagedResource' - properties: capacity_thresholds: description: |- List of capacity thresholds for NSX Objects items: $ref: '#/definitions/CapacityThreshold' title: |- List of capacity thresholds for NSX Objects type: array required: - capacity_thresholds type: object x-vmw-nsx-module: CapacityDashboard x-vmw-nsx-module: CapacityDashboard CapacityUsageMetaInfo: properties: last_updated_timestamp: description: |- Timestamp at which capacity usage was last calculated format: int64 type: integer max_global_threshold_percentage: description: | Indicates the maximum global threshold percentage title: |- Maximum global threshold percentage type: number min_global_threshold_percentage: description: | Indicates the minimum global threshold percentage title: |- Minimum global threshold percentage type: number required: - max_global_threshold_percentage - min_global_threshold_percentage - last_updated_timestamp type: object x-vmw-nsx-module: CapacityDashboard CapacityUsageResponse: allOf: - $ref: '#/definitions/ManagedResource' - properties: capacity_usage: description: |- List of capacity usage for NSX Objects items: $ref: '#/definitions/CapacityDashboardUsage' title: |- List of capacity usage for NSX Objects type: array meta_info: description: |- Meta data for capacity usage statistics title: |- Meta data for capacity usage statistics type: object unreported_usage_types: description: |- Types for which usage data was not reported items: type: string title: |- Unreported usage types type: array required: - capacity_usage - meta_info type: object x-vmw-nsx-module: CapacityDashboard x-vmw-nsx-module: CapacityDashboard ChildALBAlertScriptConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBAlertScriptConfig: $ref: '#/definitions/ALBAlertScriptConfig' required: - ALBAlertScriptConfig type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBAlertScriptConfig, used in hierarchical API. title: |- Wrapper object for ChildALBAlertScriptConfig x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBAnalyticsProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBAnalyticsProfile: $ref: '#/definitions/ALBAnalyticsProfile' required: - ALBAnalyticsProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBAnalyticsProfile, used in hierarchical API. title: |- Wrapper object for ChildALBAnalyticsProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBApplicationPersistenceProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBApplicationPersistenceProfile: $ref: '#/definitions/ALBApplicationPersistenceProfile' required: - ALBApplicationPersistenceProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBApplicationPersistenceProfile, used in hierarchical API. title: |- Wrapper object for ChildALBApplicationPersistenceProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBApplicationProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBApplicationProfile: $ref: '#/definitions/ALBApplicationProfile' required: - ALBApplicationProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBApplicationProfile, used in hierarchical API. title: |- Wrapper object for ChildALBApplicationProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBAuthProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBAuthProfile: $ref: '#/definitions/ALBAuthProfile' required: - ALBAuthProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBAuthProfile, used in hierarchical API. title: |- Wrapper object for ChildALBAuthProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBAutoScaleLaunchConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBAutoScaleLaunchConfig: $ref: '#/definitions/ALBAutoScaleLaunchConfig' required: - ALBAutoScaleLaunchConfig type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBAutoScaleLaunchConfig, used in hierarchical API. title: |- Wrapper object for ChildALBAutoScaleLaunchConfig x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBCertificateManagementProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBCertificateManagementProfile: $ref: '#/definitions/ALBCertificateManagementProfile' required: - ALBCertificateManagementProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBCertificateManagementProfile, used in hierarchical API. title: |- Wrapper object for ChildALBCertificateManagementProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBDnsPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBDnsPolicy: $ref: '#/definitions/ALBDnsPolicy' required: - ALBDnsPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBDnsPolicy, used in hierarchical API. title: |- Wrapper object for ChildALBDnsPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBErrorPageBody: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBErrorPageBody: $ref: '#/definitions/ALBErrorPageBody' required: - ALBErrorPageBody type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBErrorPageBody, used in hierarchical API. title: |- Wrapper object for ChildALBErrorPageBody x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBErrorPageProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBErrorPageProfile: $ref: '#/definitions/ALBErrorPageProfile' required: - ALBErrorPageProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBErrorPageProfile, used in hierarchical API. title: |- Wrapper object for ChildALBErrorPageProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBHTTPPolicySet: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBHTTPPolicySet: $ref: '#/definitions/ALBHTTPPolicySet' required: - ALBHTTPPolicySet type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBHTTPPolicySet, used in hierarchical API. title: |- Wrapper object for ChildALBHTTPPolicySet x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBHardwareSecurityModuleGroup: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBHardwareSecurityModuleGroup: $ref: '#/definitions/ALBHardwareSecurityModuleGroup' required: - ALBHardwareSecurityModuleGroup type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBHardwareSecurityModuleGroup, used in hierarchical API. title: |- Wrapper object for ChildALBHardwareSecurityModuleGroup x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBHealthMonitor: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBHealthMonitor: $ref: '#/definitions/ALBHealthMonitor' required: - ALBHealthMonitor type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBHealthMonitor, used in hierarchical API. title: |- Wrapper object for ChildALBHealthMonitor x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBIpAddrGroup: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBIpAddrGroup: $ref: '#/definitions/ALBIpAddrGroup' required: - ALBIpAddrGroup type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBIpAddrGroup, used in hierarchical API. title: |- Wrapper object for ChildALBIpAddrGroup x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBL4PolicySet: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBL4PolicySet: $ref: '#/definitions/ALBL4PolicySet' required: - ALBL4PolicySet type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBL4PolicySet, used in hierarchical API. title: |- Wrapper object for ChildALBL4PolicySet x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBNetworkProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBNetworkProfile: $ref: '#/definitions/ALBNetworkProfile' required: - ALBNetworkProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBNetworkProfile, used in hierarchical API. title: |- Wrapper object for ChildALBNetworkProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBNetworkSecurityPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBNetworkSecurityPolicy: $ref: '#/definitions/ALBNetworkSecurityPolicy' required: - ALBNetworkSecurityPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBNetworkSecurityPolicy, used in hierarchical API. title: |- Wrapper object for ChildALBNetworkSecurityPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBPKIProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBPKIProfile: $ref: '#/definitions/ALBPKIProfile' required: - ALBPKIProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBPKIProfile, used in hierarchical API. title: |- Wrapper object for ChildALBPKIProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBPool: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBPool: $ref: '#/definitions/ALBPool' required: - ALBPool type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBPool, used in hierarchical API. title: |- Wrapper object for ChildALBPool x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBPoolGroup: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBPoolGroup: $ref: '#/definitions/ALBPoolGroup' required: - ALBPoolGroup type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBPoolGroup, used in hierarchical API. title: |- Wrapper object for ChildALBPoolGroup x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBPoolGroupDeploymentPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBPoolGroupDeploymentPolicy: $ref: '#/definitions/ALBPoolGroupDeploymentPolicy' required: - ALBPoolGroupDeploymentPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBPoolGroupDeploymentPolicy, used in hierarchical API. title: |- Wrapper object for ChildALBPoolGroupDeploymentPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBPriorityLabels: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBPriorityLabels: $ref: '#/definitions/ALBPriorityLabels' required: - ALBPriorityLabels type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBPriorityLabels, used in hierarchical API. title: |- Wrapper object for ChildALBPriorityLabels x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBProtocolParser: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBProtocolParser: $ref: '#/definitions/ALBProtocolParser' required: - ALBProtocolParser type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBProtocolParser, used in hierarchical API. title: |- Wrapper object for ChildALBProtocolParser x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBSSLKeyAndCertificate: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBSSLKeyAndCertificate: $ref: '#/definitions/ALBSSLKeyAndCertificate' required: - ALBSSLKeyAndCertificate type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBSSLKeyAndCertificate, used in hierarchical API. title: |- Wrapper object for ChildALBSSLKeyAndCertificate x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBSSLProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBSSLProfile: $ref: '#/definitions/ALBSSLProfile' required: - ALBSSLProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBSSLProfile, used in hierarchical API. title: |- Wrapper object for ChildALBSSLProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBSSOPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBSSOPolicy: $ref: '#/definitions/ALBSSOPolicy' required: - ALBSSOPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBSSOPolicy, used in hierarchical API. title: |- Wrapper object for ChildALBSSOPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBSecurityPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBSecurityPolicy: $ref: '#/definitions/ALBSecurityPolicy' required: - ALBSecurityPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBSecurityPolicy, used in hierarchical API. title: |- Wrapper object for ChildALBSecurityPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBServerAutoScalePolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBServerAutoScalePolicy: $ref: '#/definitions/ALBServerAutoScalePolicy' required: - ALBServerAutoScalePolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBServerAutoScalePolicy, used in hierarchical API. title: |- Wrapper object for ChildALBServerAutoScalePolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBStringGroup: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBStringGroup: $ref: '#/definitions/ALBStringGroup' required: - ALBStringGroup type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBStringGroup, used in hierarchical API. title: |- Wrapper object for ChildALBStringGroup x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBTrafficCloneProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBTrafficCloneProfile: $ref: '#/definitions/ALBTrafficCloneProfile' required: - ALBTrafficCloneProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBTrafficCloneProfile, used in hierarchical API. title: |- Wrapper object for ChildALBTrafficCloneProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBVSDataScriptSet: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBVSDataScriptSet: $ref: '#/definitions/ALBVSDataScriptSet' required: - ALBVSDataScriptSet type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBVSDataScriptSet, used in hierarchical API. title: |- Wrapper object for ChildALBVSDataScriptSet x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBVirtualService: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBVirtualService: $ref: '#/definitions/ALBVirtualService' required: - ALBVirtualService type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBVirtualService, used in hierarchical API. title: |- Wrapper object for ChildALBVirtualService x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBVsVip: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBVsVip: $ref: '#/definitions/ALBVsVip' required: - ALBVsVip type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBVsVip, used in hierarchical API. title: |- Wrapper object for ChildALBVsVip x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBWafCRS: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBWafCRS: $ref: '#/definitions/ALBWafCRS' required: - ALBWafCRS type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBWafCRS, used in hierarchical API. title: |- Wrapper object for ChildALBWafCRS x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBWafPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBWafPolicy: $ref: '#/definitions/ALBWafPolicy' required: - ALBWafPolicy type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBWafPolicy, used in hierarchical API. title: |- Wrapper object for ChildALBWafPolicy x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBWafPolicyPSMGroup: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBWafPolicyPSMGroup: $ref: '#/definitions/ALBWafPolicyPSMGroup' required: - ALBWafPolicyPSMGroup type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBWafPolicyPSMGroup, used in hierarchical API. title: |- Wrapper object for ChildALBWafPolicyPSMGroup x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBWafProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBWafProfile: $ref: '#/definitions/ALBWafProfile' required: - ALBWafProfile type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBWafProfile, used in hierarchical API. title: |- Wrapper object for ChildALBWafProfile x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildALBWebhook: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ALBWebhook: $ref: '#/definitions/ALBWebhook' required: - ALBWebhook type: object x-vmw-nsx-module: PolicyAdvancedLoadBalancer description: | Child wrapper for ALBWebhook, used in hierarchical API. title: |- Wrapper object for ChildALBWebhook x-vmw-nsx-module: PolicyAdvancedLoadBalancer ChildAntreaTraceflowConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: TraceflowConfig: $ref: '#/definitions/AntreaTraceflowConfig' required: - TraceflowConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper for AntreaTraceflowConfig, used in hierarchical API. title: |- Wrapper object for AnteaTraceflowConfig x-vmw-nsx-module: PolicyConnectivity ChildBfdProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: BfdProfile: $ref: '#/definitions/BfdProfile' required: - BfdProfile type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper for BfdProfile, used in hierarchical API. title: |- Wrapper object for BfdProfile x-vmw-nsx-module: PolicyConnectivity ChildBgpNeighborConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: BgpNeighborConfig: $ref: '#/definitions/BgpNeighborConfig' required: - BgpNeighborConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for BgpNeighborConfig, used in hierarchical API. title: |- Wrapper object for BgpNeighborConfig x-vmw-nsx-module: PolicyConnectivity ChildBgpRoutingConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: BgpRoutingConfig: $ref: '#/definitions/BgpRoutingConfig' required: - BgpRoutingConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for BgpRoutingConfig, used in hierarchical API. title: |- Wrapper object for BgpRoutingConfig x-vmw-nsx-module: PolicyConnectivity ChildByodPolicyServiceInstance: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ByodPolicyServiceInstance: $ref: '#/definitions/ByodPolicyServiceInstance' required: - ByodPolicyServiceInstance type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Child wrapper object for ByodPolicyServiceInstance used in hierarchical API. title: |- Wrapper object for ByodPolicyServiceInstance x-vmw-nsx-module: PolicyServiceInsertion ChildCaBundle: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: CaBundle: $ref: '#/definitions/CaBundle' required: - CaBundle type: object x-vmw-nsx-module: PolicyCertificate description: |- Child wrapper for CA certificates bundle, used in hierarchical API. title: |- Child wrapper for CA certificates bundle, used in hierarchical API. x-vmw-nsx-module: PolicyCertificate ChildCommunicationEntry: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: CommunicationEntry: $ref: '#/definitions/CommunicationEntry' required: - CommunicationEntry type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for CommunicationEntry, used in hierarchical API This type is deprecated. Use the type ChildRule instead. title: |- Wrapper object for CommunicationEntry x-vmw-nsx-module: Policy ChildCommunicationMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: CommunicationMap: $ref: '#/definitions/CommunicationMap' required: - CommunicationMap type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for CommunicationMap, used in hierarchical API This type is deprecated. Use the type ChildSecurityPolicy instead. title: |- Wrapper object for CommunicationMap x-vmw-nsx-module: Policy ChildCommunityList: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: CommunityList: $ref: '#/definitions/CommunityList' required: - CommunityList type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for CommunityList, used in hierarchical API title: |- Wrapper object for CommunityList x-vmw-nsx-module: PolicyConnectivity ChildComputeClusterIdfwConfiguration: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ComputeClusterIdfwConfiguration: $ref: '#/definitions/ComputeClusterIdfwConfiguration' required: - ComputeClusterIdfwConfiguration type: object x-vmw-nsx-module: PolicyFirewallConfiguration description: |- Wrapper object for ComputeClusterIdfwConfiguration title: |- Wrapper object for ComputeClusterIdfwConfiguration x-vmw-nsx-module: PolicyFirewallConfiguration ChildConstraint: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Constraint: $ref: '#/definitions/Constraint' required: - Constraint type: object x-vmw-nsx-module: PolicyConstraints description: |- Child wrapper object for Constraint, used in hierarchical API title: |- Wrapper object for Constraint x-vmw-nsx-module: PolicyConstraints ChildDeploymentZone: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: DeploymentZone: $ref: '#/definitions/DeploymentZone' required: - DeploymentZone type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Child wrapper object for DeploymentZone, used in hierarchical API title: |- Wrapper object for DeploymentZone x-vmw-nsx-module: PolicyEnforcementPointManagement ChildDfwFirewallConfiguration: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: DfwFirewallConfiguration: $ref: '#/definitions/DfwFirewallConfiguration' required: - DfwFirewallConfiguration type: object x-vmw-nsx-module: Policy description: |- Wrapper object for FirewallConfiguration title: |- Wrapper object for FirewallConfiguration x-vmw-nsx-module: Policy ChildDhcpRelayConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: DhcpRelayConfig: $ref: '#/definitions/DhcpRelayConfig' required: - DhcpRelayConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for DhcpRelayConfig, used in hierarchical API title: |- Wrapper object for DhcpRelayConfig x-vmw-nsx-module: PolicyConnectivity ChildDhcpServerConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: DhcpServerConfig: $ref: '#/definitions/DhcpServerConfig' required: - DhcpServerConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for DhcpServerConfig, used in hierarchical API title: |- Wrapper object for DhcpServerConfig x-vmw-nsx-module: PolicyConnectivity ChildDhcpStaticBindingConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: DhcpStaticBindingConfig: $ref: '#/definitions/DhcpStaticBindingConfig' required: - DhcpStaticBindingConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper for DhcpStaticBindingConfig, used in hierarchical API. title: |- Wrapper object for DhcpStaticBindingConfig x-vmw-nsx-module: PolicyConnectivity ChildDnsSecurityProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: DnsSecurityProfile: $ref: '#/definitions/DnsSecurityProfile' required: - DnsSecurityProfile type: object x-vmw-nsx-module: PolicyProfile description: |- Child wrapper object for DnsSecurityProfile, used in hierarchical API title: |- Wrapper object for DnsSecurityProfile x-vmw-nsx-module: PolicyProfile ChildDnsSecurityProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: DnsSecurityProfileBindingMap: $ref: '#/definitions/DnsSecurityProfileBindingMap' required: - DnsSecurityProfileBindingMap type: object x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding description: | Child wrapper obejct for DnsSecurityProfileBindingMap used in hierarchical API title: |- Wrapper object for DnsSecurityProfileBindingMap x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding ChildDomain: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Domain: $ref: '#/definitions/Domain' required: - Domain type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for domain, used in hierarchical API. title: |- Wrapper object for Domain x-vmw-nsx-module: Policy ChildDomainDeploymentMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: DomainDeploymentMap: $ref: '#/definitions/DomainDeploymentMap' required: - DomainDeploymentMap type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Child wrapper object for DomainDeploymentMap, used in hierarchical API. title: |- Wrapper object for DomainDeploymentMap x-vmw-nsx-module: PolicyEnforcementPointManagement ChildEndpointPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: EndpointPolicy: $ref: '#/definitions/EndpointPolicy' required: - EndpointPolicy type: object x-vmw-nsx-module: PolicyGuestIntrospection description: | Child wrapper object for EndpointPolicy used in hierarchical API. title: |- Wrapper object for Endpoint Policy x-vmw-nsx-module: PolicyGuestIntrospection ChildEndpointRule: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: EndpointRule: $ref: '#/definitions/EndpointRule' required: - EndpointRule type: object x-vmw-nsx-module: PolicyGuestIntrospection description: | Child wrapper object for EndpointRule used in hierarchical API. title: |- Wrapper object for Endpoint Rule x-vmw-nsx-module: PolicyGuestIntrospection ChildEnforcementPoint: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: EnforcementPoint: $ref: '#/definitions/EnforcementPoint' required: - EnforcementPoint type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Child wrapper object for EnforcementPoint, used in hierarchical API. title: |- Wrapper object for EnforcementPoint x-vmw-nsx-module: PolicyEnforcementPointManagement ChildEvpnConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: EvpnConfig: $ref: '#/definitions/EvpnConfig' required: - EvpnConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for EvpnConfig, used in hierarchical API. title: |- Wrapper object for EvpnConfig x-vmw-nsx-module: PolicyConnectivity ChildEvpnTunnelEndpointConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: EvpnTunnelEndpointConfig: $ref: '#/definitions/EvpnTunnelEndpointConfig' required: - EvpnTunnelEndpointConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for EvpnTunnelEndpointConfig, used in hierarchical API. title: |- Wrapper object for EvpnTunnelEndpointConfig x-vmw-nsx-module: PolicyConnectivity ChildFloodProtectionProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: FloodProtectionProfile: $ref: '#/definitions/FloodProtectionProfile' required: - FloodProtectionProfile type: object x-vmw-nsx-module: PolicyProfile description: | Child wrapper object for FloodProtectionProfile, used in hierarchical API title: |- Wrapper object for FloodProtectionProfile x-vmw-nsx-module: PolicyProfile ChildFloodProtectionProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: FloodProtectionProfileBindingMap: $ref: '#/definitions/FloodProtectionProfileBindingMap' required: - FloodProtectionProfileBindingMap type: object x-vmw-nsx-module: PolicyProfile description: | Child wrapper object for FloodProtectionProfileBindingMap, used in hierarchical API title: |- Wrapper object for FloodProtectionProfileBindingMap x-vmw-nsx-module: PolicyProfile ChildForwardingPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ForwardingPolicy: $ref: '#/definitions/ForwardingPolicy' required: - ForwardingPolicy type: object x-vmw-nsx-module: PolicyForwarding description: | Child wrapper object for ForwardingPolicy used in Hierarchical API. title: | Wrapper object for children of type ForwardingPolicy x-vmw-nsx-module: PolicyForwarding ChildForwardingRule: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ForwardingRule: $ref: '#/definitions/ForwardingRule' required: - ForwardingRule type: object x-vmw-nsx-module: PolicyForwarding description: | Child wrapper object for ForwardingRule used in Hierarchical API. title: | Wrapper object for ForwardingRule x-vmw-nsx-module: PolicyForwarding ChildFqdnAnalysisConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: FqdnAnalysisConfig: $ref: '#/definitions/FqdnAnalysisConfig' required: - FqdnAnalysisConfig type: object x-vmw-nsx-module: PolicyUrlCategorization description: |- Child wrapper object for FqdnAnalysisConfig, used in hierarchical API title: |- Wrapper object for FqdnAnalysisConfig x-vmw-nsx-module: PolicyUrlCategorization ChildGatewayPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: GatewayPolicy: $ref: '#/definitions/GatewayPolicy' required: - GatewayPolicy type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for GatewayPolicy, used in hierarchical API title: |- Wrapper object for GatewayPolicy x-vmw-nsx-module: Policy ChildGatewayQosProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: QosProfile: $ref: '#/definitions/GatewayQosProfile' required: - QosProfile type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper for GatewayQosProfile, used in hierarchical API. title: |- Wrapper object for GatewayQosProfile x-vmw-nsx-module: PolicyConnectivity ChildGeneralSecurityProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: GeneralSecurityProfile: $ref: '#/definitions/GeneralSecurityProfile' required: - GeneralSecurityProfile type: object x-vmw-nsx-module: PolicyProfile description: | Child wrapper object for GeneralSecurityProfile, used in hierarchical API title: |- Wrapper object for GeneralSecurityProfile x-vmw-nsx-module: PolicyProfile ChildGeneralSecurityProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: GeneralSecurityProfileBindingMap: $ref: '#/definitions/GeneralSecurityProfileBindingMap' required: - GeneralSecurityProfileBindingMap type: object x-vmw-nsx-module: PolicyProfile description: | Child wrapper object for GeneralSecurityProfileBindingMap, used in hierarchical API title: |- Wrapper object for GeneralSecurityProfileBindingMap x-vmw-nsx-module: PolicyProfile ChildGlobalConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: GlobalConfig: $ref: '#/definitions/GlobalConfig' required: - GlobalConfig type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for GlobalConfig, used in hierarchical API title: |- Wrapper object for GlobalConfig x-vmw-nsx-module: Policy ChildGlobalIdsSignature: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: GlobalIdsSignature: $ref: '#/definitions/GlobalIdsSignature' required: - GlobalIdsSignature type: object x-vmw-nsx-module: PolicyIDS description: |- Child wrapper object for GlobalIdsSignature, used in hierarchical API title: |- Wrapper object for GlobalIdsSignature x-vmw-nsx-module: PolicyIDS ChildGlobalManager: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: GlobalManager: $ref: '#/definitions/GlobalManager' required: - GlobalManager type: object x-vmw-nsx-module: PolicySiteGM description: |- Child wrapper object for Global Manager, used in hierarchical API. title: |- Wrapper object for Global Manager x-vmw-nsx-module: PolicySiteGM ChildGroup: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Group: $ref: '#/definitions/Group' required: - Group type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for group, used in hierarchical API. title: |- Wrapper object for Group x-vmw-nsx-module: Policy ChildGroupDiscoveryProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: GroupDiscoveryProfileBindingMap: $ref: '#/definitions/GroupDiscoveryProfileBindingMap' required: - GroupDiscoveryProfileBindingMap type: object x-vmw-nsx-module: PolicyDiscoveryProfileBinding description: | Child wrapper obejct for GroupDiscoveryProfileBindingMap used in hierarchical API title: |- Wrapper object for GroupDiscoveryProfileBindingMap x-vmw-nsx-module: PolicyDiscoveryProfileBinding ChildGroupMonitoringProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: GroupMonitoringProfileBindingMap: $ref: '#/definitions/GroupMonitoringProfileBindingMap' required: - GroupMonitoringProfileBindingMap type: object x-vmw-nsx-module: PolicyMonitoringProfileBinding description: |- Child wrapper object for GroupMonitoringProfileBindingMap, used in hierarchical API title: |- Wrapper object for GroupMonitoringProfileBindingMap x-vmw-nsx-module: PolicyMonitoringProfileBinding ChildHostTransportNode: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: HostTransportNode: $ref: '#/definitions/HostTransportNode' required: - HostTransportNode type: object x-vmw-nsx-module: PolicyHostTransportNode description: |- Child wrapper for Host Transport Node, used in hierarchical API. title: |- Wrapper object for Host Transport Node x-vmw-nsx-module: PolicyHostTransportNode ChildHostTransportNodeCollection: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: HostTransportNodeCollection: $ref: '#/definitions/HostTransportNodeCollection' required: - HostTransportNodeCollection type: object x-vmw-nsx-module: HostTransportNodeCollection description: |- Child wrapper for Transport Collection, used in hierarchical API. title: |- Wrapper object for Transport Node Collection x-vmw-nsx-module: HostTransportNodeCollection ChildIPDiscoveryProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPDiscoveryProfile: $ref: '#/definitions/IPDiscoveryProfile' required: - IPDiscoveryProfile type: object x-vmw-nsx-module: PolicyIpDiscovery description: |- Child wrapper object for IPDiscoveryProfile, used in hierarchical API title: |- Wrapper object for IPDiscoveryProfile x-vmw-nsx-module: PolicyIpDiscovery ChildIPFIXDFWCollectorProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPFIXDFWCollectorProfile: $ref: '#/definitions/IPFIXDFWCollectorProfile' required: - IPFIXDFWCollectorProfile type: object x-vmw-nsx-module: PolicyIPFIXDFW description: |- Child wrapper object for IPFIXDFWCollectorProfile, used in hierarchical API title: |- Wrapper object for IPFIXDFWCollectorProfile x-vmw-nsx-module: PolicyIPFIXDFW ChildIPFIXDFWProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPFIXDFWProfile: $ref: '#/definitions/IPFIXDFWProfile' required: - IPFIXDFWProfile type: object x-vmw-nsx-module: PolicyIPFIXDFW description: |- Child wrapper object for IPFIXDFWProfile, used in hierarchical API title: |- Wrapper object for IPFIXDFWProfile x-vmw-nsx-module: PolicyIPFIXDFW ChildIPFIXL2CollectorProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPFIXL2CollectorProfile: $ref: '#/definitions/IPFIXL2CollectorProfile' required: - IPFIXL2CollectorProfile type: object x-vmw-nsx-module: PolicyIPFIXSwitch description: |- Child wrapper object for IPFIXL2CollectorProfile, used in hierarchical API title: |- Wrapper object for IPFIXL2CollectorProfile x-vmw-nsx-module: PolicyIPFIXSwitch ChildIPFIXL2Profile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPFIXL2Profile: $ref: '#/definitions/IPFIXL2Profile' required: - IPFIXL2Profile type: object x-vmw-nsx-module: PolicyIPFIXSwitch description: |- Child wrapper object for IPFIXL2Profile, used in hierarchical API title: |- Wrapper object for IPFIXL2Profile x-vmw-nsx-module: PolicyIPFIXSwitch ChildIPSecVpnDpdProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPSecVpnDpdProfile: $ref: '#/definitions/IPSecVpnDpdProfile' required: - IPSecVpnDpdProfile type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Child wrapper object for IPSecVpnDpdProfile, used in hierarchical API. title: |- Wrapper object for IPSecVpnDpdProfile x-vmw-nsx-module: PolicyVpnIPSecVpn ChildIPSecVpnIkeProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPSecVpnIkeProfile: $ref: '#/definitions/IPSecVpnIkeProfile' required: - IPSecVpnIkeProfile type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Child wrapper object for IPSecVpnIkeProfile, used in hierarchical API. title: |- Wrapper object for IPSecVpnIkeProfile x-vmw-nsx-module: PolicyVpnIPSecVpn ChildIPSecVpnLocalEndpoint: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPSecVpnLocalEndpoint: $ref: '#/definitions/IPSecVpnLocalEndpoint' required: - IPSecVpnLocalEndpoint type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Child wrapper object for IPSecVpnLocalEndpoint, used in hierarchical API. title: |- Wrapper object for IPSecVpnLocalEndpoint x-vmw-nsx-module: PolicyVpnIPSecVpn ChildIPSecVpnService: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPSecVpnService: $ref: '#/definitions/IPSecVpnService' required: - IPSecVpnService type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Child wrapper object for IPSecVpnService, used in hierarchical API. title: |- Wrapper object for IPSecVpnService x-vmw-nsx-module: PolicyVpnIPSecVpn ChildIPSecVpnSession: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPSecVpnSession: $ref: '#/definitions/IPSecVpnSession' required: - IPSecVpnSession type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Child wrapper object for IPSecVpnSession, used in hierarchical API. title: |- Wrapper object for IPSecVpnSession x-vmw-nsx-module: PolicyVpnIPSecVpn ChildIPSecVpnTunnelProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IPSecVpnTunnelProfile: $ref: '#/definitions/IPSecVpnTunnelProfile' required: - IPSecVpnTunnelProfile type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Child wrapper object for IPSecVpnTunnelProfile, used in hierarchical API. title: |- Wrapper object for IPSecVpnTunnelProfile x-vmw-nsx-module: PolicyVpnIPSecVpn ChildIdsClusterConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IdsClusterConfig: $ref: '#/definitions/IdsClusterConfig' required: - IdsClusterConfig type: object x-vmw-nsx-module: PolicyIDS description: |- Child wrapper object for IdsClusterConfig, used in hierarchical API title: |- Wrapper object for IdsClusterConfig x-vmw-nsx-module: PolicyIDS ChildIdsGatewayPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IdsGatewayPolicy: $ref: '#/definitions/IdsGatewayPolicy' required: - IdsGatewayPolicy type: object x-vmw-nsx-module: PolicyIDSGateway description: |- Child wrapper object for IdsGatewayPolicy, used in hierarchical API title: |- Wrapper object for IdsGatewayPolicy x-vmw-nsx-module: PolicyIDSGateway ChildIdsGlobalEventConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IdsGlobalEventConfig: $ref: '#/definitions/IdsGlobalEventConfig' required: - IdsGlobalEventConfig type: object x-vmw-nsx-module: PolicyIDS description: |- Child wrapper object for IdsGlobalEventConfig, used in hierarchical API title: |- Wrapper object for IdsGlobalEventConfig x-vmw-nsx-module: PolicyIDS ChildIdsProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IdsProfile: $ref: '#/definitions/IdsProfile' required: - IdsProfile type: object x-vmw-nsx-module: PolicyIDS description: |- Child wrapper object for IdsProfile, used in hierarchical API title: |- Wrapper object for IdsProfile x-vmw-nsx-module: PolicyIDS ChildIdsRule: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IdsRule: $ref: '#/definitions/IdsRule' required: - IdsRule type: object x-vmw-nsx-module: PolicyIDS description: |- Child wrapper object for IdsRule, used in hierarchical API title: |- Wrapper object for IdsRule x-vmw-nsx-module: PolicyIDS ChildIdsSecurityPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IdsSecurityPolicy: $ref: '#/definitions/IdsSecurityPolicy' required: - IdsSecurityPolicy type: object x-vmw-nsx-module: PolicyIDS description: |- Child wrapper object for IdsSecurityPolicy, used in hierarchical API title: |- Wrapper object for IdsSecurityPolicy x-vmw-nsx-module: PolicyIDS ChildIdsSettings: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IdsSettings: $ref: '#/definitions/IdsSettings' required: - IdsSettings type: object x-vmw-nsx-module: PolicyIDS description: |- Child wrapper object for IdsSettings, used in hierarchical API title: |- Wrapper object for IdsSettings x-vmw-nsx-module: PolicyIDS ChildIdsSignature: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IdsSignature: $ref: '#/definitions/IdsSignature' required: - IdsSignature type: object x-vmw-nsx-module: PolicyIDS description: |- Child wrapper object for IdsSignature, used in hierarchical API title: |- Wrapper object for IdsSignature x-vmw-nsx-module: PolicyIDS ChildIdsSignatureStatus: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IdsSignatureStatus: $ref: '#/definitions/IdsSignatureStatus' required: - IdsSignatureStatus type: object x-vmw-nsx-module: PolicyIDS description: |- Child wrapper object for IdsSignatureStatus, used in hierarchical API title: |- Wrapper object for IdsSignatureStatus x-vmw-nsx-module: PolicyIDS ChildIdsStandaloneHostConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IdsStandaloneHostConfig: $ref: '#/definitions/IdsStandaloneHostConfig' required: - IdsStandaloneHostConfig type: object x-vmw-nsx-module: PolicyIDS description: |- Child wrapper object for IdsStandaloneHostConfig, used in hierarchical API title: |- Wrapper object for IdsStandaloneHostConfig x-vmw-nsx-module: PolicyIDS ChildInfra: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Infra: $ref: '#/definitions/Infra' required: - Infra type: object x-vmw-nsx-module: Policy description: | Child wrapper object for Infra, used in multi-tenancy hierarchical API title: |- Wrapper object for Infra x-vmw-nsx-module: Policy ChildIpAddressAllocation: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IpAddressAllocation: $ref: '#/definitions/IpAddressAllocation' required: - IpAddressAllocation type: object x-vmw-nsx-module: PolicyIpam description: |- Child wrapper object for IpAddressAllocation, used in hierarchical API title: |- Wrapper object for IpAddressAllocation x-vmw-nsx-module: PolicyIpam ChildIpAddressBlock: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IpAddressBlock: $ref: '#/definitions/IpAddressBlock' required: - IpAddressBlock type: object x-vmw-nsx-module: PolicyIpam description: |- Child wrapper object for IpAddressBlock, used in hierarchical API title: |- Wrapper object for IpAddressBlock x-vmw-nsx-module: PolicyIpam ChildIpAddressPool: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IpAddressPool: $ref: '#/definitions/IpAddressPool' required: - IpAddressPool type: object x-vmw-nsx-module: PolicyIpam description: |- Child wrapper object for IpAddressPool, used in hierarchical API title: |- Wrapper object for IpAddressPool x-vmw-nsx-module: PolicyIpam ChildIpAddressPoolSubnet: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: IpAddressPoolSubnet: $ref: '#/definitions/IpAddressPoolSubnet' required: - IpAddressPoolSubnet type: object x-vmw-nsx-module: PolicyIpam description: |- Child wrapper object for IpAddressPoolSubnet, used in hierarchical API title: |- Wrapper object for IpAddressPoolSubnet x-vmw-nsx-module: PolicyIpam ChildIpv6DadProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Ipv6DadProfile: $ref: '#/definitions/Ipv6DadProfile' required: - Ipv6DadProfile type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for Ipv6DadProfile, used in hierarchical API title: |- Wrapper object for Ipv6DadProfile x-vmw-nsx-module: PolicyConnectivity ChildIpv6NdraProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Ipv6NdraProfile: $ref: '#/definitions/Ipv6NdraProfile' required: - Ipv6NdraProfile type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for Ipv6NdraProfile, used in hierarchical API title: |- Wrapper object for Ipv6NdraProfile x-vmw-nsx-module: PolicyConnectivity ChildL2BridgeEndpointProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: L2BridgeEndpointProfile: $ref: '#/definitions/L2BridgeEndpointProfile' required: - L2BridgeEndpointProfile type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for L2BridgeEndpointProfile, used in hierarchical API title: |- Wrapper object for L2BridgeEndpointProfile x-vmw-nsx-module: PolicyConnectivity ChildL2VPNService: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: L2VPNService: $ref: '#/definitions/L2VPNService' required: - L2VPNService type: object x-vmw-nsx-module: PolicyVpnLayer2VPN description: |- Child wrapper object for L2VPNService, used in hierarchical API. title: |- Wrapper object for L2VPNService x-vmw-nsx-module: PolicyVpnLayer2VPN ChildL2VPNSession: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: L2VPNSession: $ref: '#/definitions/L2VPNSession' required: - L2VPNSession type: object x-vmw-nsx-module: PolicyVpnLayer2VPN description: |- Child wrapper object for L2VPNSession, used in hierarchical API. title: |- Wrapper object for L2VPNSession x-vmw-nsx-module: PolicyVpnLayer2VPN ChildL2Vpn: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: L2Vpn: $ref: '#/definitions/L2Vpn' required: - L2Vpn type: object x-vmw-nsx-module: PolicyL2Vpn description: |- Child wrapper object for L2Vpn, used in hierarchical API. title: |- Wrapper object for L2Vpn x-vmw-nsx-module: PolicyL2Vpn ChildL2VpnContext: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: L2VpnContext: $ref: '#/definitions/L2VpnContext' required: - L2VpnContext type: object x-vmw-nsx-module: PolicyL2Vpn description: |- Child wrapper object for L2VpnContext, used in hierarchical API. title: |- Wrapper object for L2VpnContext x-vmw-nsx-module: PolicyL2Vpn ChildL3Vpn: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: L3Vpn: $ref: '#/definitions/L3Vpn' required: - L3Vpn type: object x-vmw-nsx-module: PolicyL3Vpn description: |- Child wrapper object for L3Vpn, used in hierarchical API. title: |- Wrapper object for L3Vpn x-vmw-nsx-module: PolicyL3Vpn ChildL3VpnContext: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: L3VpnContext: $ref: '#/definitions/L3VpnContext' required: - L3VpnContext type: object x-vmw-nsx-module: PolicyL3Vpn description: |- Child wrapper object for L3VpnContext, used in hierarchical API. title: |- Wrapper object for L3VpnContext x-vmw-nsx-module: PolicyL3Vpn ChildL7AccessEntry: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: L7AccessEntry: $ref: '#/definitions/L7AccessEntry' required: - L7AccessEntry type: object x-vmw-nsx-module: L7AccessProfile description: |- Child wrapper object for L7 Access Entry, used in hierarchical API title: |- Wrapper object for L7 Access Entry x-vmw-nsx-module: L7AccessProfile ChildL7AccessProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: L7AccessProfile: $ref: '#/definitions/L7AccessProfile' required: - L7AccessProfile type: object x-vmw-nsx-module: L7AccessProfile description: |- Child wrapper object for L7 Access Profile, used in hierarchical API title: |- Wrapper object for L7 Access Profile x-vmw-nsx-module: L7AccessProfile ChildLBAppProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: LBAppProfile: $ref: '#/definitions/LBAppProfile' required: - LBAppProfile type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Child wrapper for LBAppProfile, used in hierarchical API. title: |- Wrapper object for LBAppProfile x-vmw-nsx-module: PolicyLoadBalancer ChildLBClientSslProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: LBClientSslProfile: $ref: '#/definitions/LBClientSslProfile' required: - LBClientSslProfile type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Child wrapper for LBClientSslProfile, used in hierarchical API. title: |- Wrapper object for LBClientSslProfile x-vmw-nsx-module: PolicyLoadBalancer ChildLBMonitorProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: LBMonitorProfile: $ref: '#/definitions/LBMonitorProfile' required: - LBMonitorProfile type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Child wrapper for LBMonitorProfile, used in hierarchical API. title: |- Wrapper object for LBMonitorProfile x-vmw-nsx-module: PolicyLoadBalancer ChildLBPersistenceProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: LBPersistenceProfile: $ref: '#/definitions/LBPersistenceProfile' required: - LBPersistenceProfile type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Child wrapper for LBPersistenceProfile, used in hierarchical API. title: |- Wrapper object for LBPersistenceProfile x-vmw-nsx-module: PolicyLoadBalancer ChildLBPool: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: LBPool: $ref: '#/definitions/LBPool' required: - LBPool type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Child wrapper for LBPool, used in hierarchical API. title: |- Wrapper object for LBPool x-vmw-nsx-module: PolicyLoadBalancer ChildLBServerSslProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: LBServerSslProfile: $ref: '#/definitions/LBServerSslProfile' required: - LBServerSslProfile type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Child wrapper for LBServerSslProfile, used in hierarchical API. title: |- Wrapper object for LBServerSslProfile x-vmw-nsx-module: PolicyLoadBalancer ChildLBService: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: LBService: $ref: '#/definitions/LBService' required: - LBService type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Child wrapper for LBService, used in hierarchical API. title: |- Wrapper object for LBService x-vmw-nsx-module: PolicyLoadBalancer ChildLBVirtualServer: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: LBVirtualServer: $ref: '#/definitions/LBVirtualServer' required: - LBVirtualServer type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Child wrapper for LBVirtualServer, used in hierarchical API. title: |- Wrapper object for LBVirtualServer x-vmw-nsx-module: PolicyLoadBalancer ChildLiveTraceConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: LiveTraceConfig: $ref: '#/definitions/LiveTraceConfig' required: - LiveTraceConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper for LiveTraceConfig for Hierarchical API title: |- Wrapper object for LiveTraceConfig x-vmw-nsx-module: PolicyConnectivity ChildLocaleServices: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: LocaleServices: $ref: '#/definitions/LocaleServices' required: - LocaleServices type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for LocaleServices, used in hierarchical API title: |- Wrapper object for LocaleServices x-vmw-nsx-module: PolicyConnectivity ChildMacDiscoveryProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: MacDiscoveryProfile: $ref: '#/definitions/MacDiscoveryProfile' required: - MacDiscoveryProfile type: object x-vmw-nsx-module: PolicyMacDiscovery description: |- Child wrapper object for MacDiscoveryProfile, used in hierarchical API title: |- Wrapper object for MacDiscoveryProfile x-vmw-nsx-module: PolicyMacDiscovery ChildMalwarePreventionProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: MalwarePreventionProfile: $ref: '#/definitions/MalwarePreventionProfile' required: - MalwarePreventionProfile type: object x-vmw-nsx-module: PolicyAntiMalware description: |- Child wrapper object for MalwarePreventionProfile, used in hierarchical API title: |- Wrapper object for MalwarePreventionProfile x-vmw-nsx-module: PolicyAntiMalware ChildMalwarePreventionSignature: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: MalwarePreventionSignature: $ref: '#/definitions/MalwarePreventionSignature' required: - MalwarePreventionSignature type: object x-vmw-nsx-module: PolicyAntiMalware description: |- Child wrapper object for MalwarePreventionSignature, used in hierarchical API title: |- Wrapper object for MalwarePreventionSignature x-vmw-nsx-module: PolicyAntiMalware ChildMetadataProxyConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: MetadataProxyConfig: $ref: '#/definitions/MetadataProxyConfig' required: - MetadataProxyConfig type: object x-vmw-nsx-module: PolicyMetadataProxy description: |- Wrapper object for MetadataProxyConfig title: |- Wrapper object for MetadataProxyConfig x-vmw-nsx-module: PolicyMetadataProxy ChildOpsGlobalConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: GlobalConfig: $ref: '#/definitions/OpsGlobalConfig' required: - GlobalConfig type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for OpsGlobalConfig, used in hierarchical API title: |- Wrapper object for OpsGlobalConfig x-vmw-nsx-module: Policy ChildOspfAreaConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: OspfAreaConfig: $ref: '#/definitions/OspfAreaConfig' required: - OspfAreaConfig type: object x-vmw-nsx-module: PolicyOspf description: |- Child wrapper object for OspfAreaConfig used in hierarchical API. title: |- Wrapper object for OSPF routing config x-vmw-nsx-module: PolicyOspf ChildOspfRoutingConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: OspfRoutingConfig: $ref: '#/definitions/OspfRoutingConfig' required: - OspfRoutingConfig type: object x-vmw-nsx-module: PolicyOspf description: |- Child wrapper object for OspfRoutingConfig used in hierarchical API. title: |- Wrapper object for OSPF routing config x-vmw-nsx-module: PolicyOspf ChildPolicyConfigResource: allOf: - $ref: '#/definitions/ManagedResource' - discriminator: resource_type properties: mark_for_override: default: false description: |- Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. title: |- Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. type: boolean marked_for_delete: default: false description: | If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully. title: |- Indicates whether the intent object is marked for deletion type: boolean resource_type: type: string required: - resource_type type: object x-vmw-nsx-module: Policy description: |- Represents an object on the desired state title: |- Represents the desired state object as child resource x-vmw-nsx-module: Policy ChildPolicyContextProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyContextProfile: $ref: '#/definitions/PolicyContextProfile' required: - PolicyContextProfile type: object x-vmw-nsx-module: PolicyContextProfile description: |- Child wrapper object for PolicyContextProfile, used in hierarchical API title: |- Wrapper object for PolicyContextProfile x-vmw-nsx-module: PolicyContextProfile ChildPolicyCustomAttributes: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyCustomAttributes: $ref: '#/definitions/PolicyCustomAttributes' required: - PolicyCustomAttributes type: object x-vmw-nsx-module: PolicyContextProfile description: |- Child wrapper object for PolicyCustomAttributes, used in hierarchical API title: |- Wrapper object for PolicyCustomAttributes x-vmw-nsx-module: PolicyContextProfile ChildPolicyDnsForwarder: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyDnsForwarder: $ref: '#/definitions/PolicyDnsForwarder' required: - PolicyDnsForwarder type: object x-vmw-nsx-module: PolicyDnsForwarder description: |- Child wrapper object for PolicyDnsForwarder, used in hierarchical API title: |- Wrapper object for PolicyDnsForwarder x-vmw-nsx-module: PolicyDnsForwarder ChildPolicyDnsForwarderZone: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyDnsForwarderZone: $ref: '#/definitions/PolicyDnsForwarderZone' required: - PolicyDnsForwarderZone type: object x-vmw-nsx-module: PolicyDnsForwarder description: |- Child wrapper object for PolicyDnsForwarderZone, used in hierarchical API title: |- Wrapper object for PolicyDnsForwarderZone x-vmw-nsx-module: PolicyDnsForwarder ChildPolicyEdgeCluster: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyEdgeCluster: $ref: '#/definitions/PolicyEdgeCluster' required: - PolicyEdgeCluster type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Child wrapper object for PolicyEdgeCluster, used in hierarchical API. title: |- Wrapper object for PolicyEdgeCluster x-vmw-nsx-module: PolicyEnforcementPointManagement ChildPolicyEdgeNode: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyEdgeNode: $ref: '#/definitions/PolicyEdgeNode' required: - PolicyEdgeNode type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Child wrapper object for PolicyEdgeNode, used in hierarchical API. title: |- Wrapper object for PolicyEdgeNode x-vmw-nsx-module: PolicyEnforcementPointManagement ChildPolicyExcludeList: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyExcludeList: $ref: '#/definitions/PolicyExcludeList' required: - PolicyExcludeList type: object x-vmw-nsx-module: PolicyFirewallConfiguration description: |- Wrapper object for PolicyExcludeList title: |- Wrapper object for PolicyExcludeList x-vmw-nsx-module: PolicyFirewallConfiguration ChildPolicyFirewallCPUMemThresholdsProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyFirewallCPUMemThresholdsProfileBindingMap: $ref: '#/definitions/PolicyFirewallCPUMemThresholdsProfileBindingMap' required: - PolicyFirewallCPUMemThresholdsProfileBindingMap type: object x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding description: | Child wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap, used in hierarchical API. title: |- Wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding ChildPolicyFirewallCpuMemThresholdsProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyFirewallCpuMemThresholdsProfile: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfile' required: - PolicyFirewallCpuMemThresholdsProfile type: object x-vmw-nsx-module: PolicyProfile description: | Child wrapper object for PolicyFirewallCpuMemThresholdsProfile, used in hierarchical API. title: |- Wrapper object for PolicyFirewallCpuMemThresholdsProfile x-vmw-nsx-module: PolicyProfile ChildPolicyFirewallFloodProtectionProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyFirewallFloodProtectionProfileBindingMap: $ref: '#/definitions/PolicyFirewallFloodProtectionProfileBindingMap' required: - PolicyFirewallFloodProtectionProfileBindingMap type: object x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding description: | Child wrapper object for PolicyFirewallFloodProtectionProfileBindingMap, used in hierarchical API title: |- Wrapper object for PolicyFirewallFloodProtectionProfileBindingMap x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding ChildPolicyFirewallScheduler: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyFirewallScheduler: $ref: '#/definitions/PolicyFirewallScheduler' required: - PolicyFirewallScheduler type: object x-vmw-nsx-module: PolicyFirewallScheduler description: |- Child wrapper object for PolicyFirewallScheduler, used in hierarchical API title: |- Wrapper object for PolicyFirewallScheduler x-vmw-nsx-module: PolicyFirewallScheduler ChildPolicyFirewallSessionTimerProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyFirewallSessionTimerProfile: $ref: '#/definitions/PolicyFirewallSessionTimerProfile' required: - PolicyFirewallSessionTimerProfile type: object x-vmw-nsx-module: PolicyFirewallSessionTimerProfile description: | Child wrapper object for PolicyFirewallSessionTimerProfile, used in hierarchical API title: |- Wrapper object for PolicyFirewallSessionTimerProfile x-vmw-nsx-module: PolicyFirewallSessionTimerProfile ChildPolicyFirewallSessionTimerProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyFirewallSessionTimerProfileBindingMap: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMap' required: - PolicyFirewallSessionTimerProfileBindingMap type: object x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding description: | Child wrapper object for PolicyFirewallSessionTimerProfileBindingMap, used in hierarchical API title: |- Wrapper object for PolicyFirewallSessionTimerProfileBindingMap x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding ChildPolicyIgmpProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyIgmpProfile: $ref: '#/definitions/PolicyIgmpProfile' required: - PolicyIgmpProfile type: object x-vmw-nsx-module: PolicyMulticast description: | Child wrapper object for PolicyIgmpProfile used in hierarchical API. title: |- Wrapper object for PolicyIgmpProfile x-vmw-nsx-module: PolicyMulticast ChildPolicyLabel: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyLabel: $ref: '#/definitions/PolicyLabel' required: - PolicyLabel type: object x-vmw-nsx-module: PolicyLabel description: |- Child wrapper object for PolicyLabel, used in hierarchical API title: |- Wrapper object for PolicyLabel x-vmw-nsx-module: PolicyLabel ChildPolicyLatencyStatProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyLatencyStatProfile: $ref: '#/definitions/PolicyLatencyStatProfile' required: - PolicyLatencyStatProfile type: object x-vmw-nsx-module: PolicyLatency description: |- Child wrapper object for PolicyLatencyStatProfile, used in hierarchical API title: |- Wrapper object for PolicyLatencyStatProfile x-vmw-nsx-module: PolicyLatency ChildPolicyMulticastConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyMulticastConfig: $ref: '#/definitions/PolicyMulticastConfig' required: - PolicyMulticastConfig type: object x-vmw-nsx-module: PolicyMulticast description: |- Child wrapper object for PolicyMulticastConfig used in hierarchical API. title: |- Wrapper object for PolicyMulticastConfig x-vmw-nsx-module: PolicyMulticast ChildPolicyNat: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyNat: $ref: '#/definitions/PolicyNat' required: - PolicyNat type: object x-vmw-nsx-module: PolicyNAT description: |- Child wrapper object for PolicyNat, used in hierarchical API title: |- Wrapper object for PolicyNat x-vmw-nsx-module: PolicyNAT ChildPolicyNatRule: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyNatRule: $ref: '#/definitions/PolicyNatRule' required: - PolicyNatRule type: object x-vmw-nsx-module: PolicyNAT description: |- Child wrapper object for PolicyNatRule, used in hierarchical API title: |- Wrapper object for PolicyNatRule x-vmw-nsx-module: PolicyNAT ChildPolicyPimProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyPimProfile: $ref: '#/definitions/PolicyPimProfile' required: - PolicyPimProfile type: object x-vmw-nsx-module: PolicyMulticast description: | Child wrapper object for PolicyPimProfile used in hierarchical API. title: |- Wrapper object for PolicyPimProfile x-vmw-nsx-module: PolicyMulticast ChildPolicySIExcludeList: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicySIExcludeList: $ref: '#/definitions/PolicySIExcludeList' required: - PolicySIExcludeList type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Wrapper object for PolicySIExcludeList title: |- Wrapper object for PolicySIExcludeList x-vmw-nsx-module: PolicyServiceInsertion ChildPolicyServiceChain: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyServiceChain: $ref: '#/definitions/PolicyServiceChain' required: - PolicyServiceChain type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Child wrapper object for PolicyServiceInstance used in hierarchical API. title: |- Wrapper object for PolicyServiceChain x-vmw-nsx-module: PolicyServiceInsertion ChildPolicyServiceInstance: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyServiceInstance: $ref: '#/definitions/PolicyServiceInstance' required: - PolicyServiceInstance type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Child wrapper object for PolicyServiceInstance used in hierarchical API. title: |- Wrapper object for PolicyServiceInstance x-vmw-nsx-module: PolicyServiceInsertion ChildPolicyServiceProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyServiceProfile: $ref: '#/definitions/PolicyServiceProfile' required: - PolicyServiceProfile type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Child wrapper object for PolicyServiceProfile used in hierarchical API. title: |- Wrapper object for PolicyServiceProfile x-vmw-nsx-module: PolicyServiceInsertion ChildPolicyTier1MulticastConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyTier1MulticastConfig: $ref: '#/definitions/PolicyTier1MulticastConfig' required: - PolicyTier1MulticastConfig type: object x-vmw-nsx-module: PolicyMulticast description: |- Child wrapper object for PolicyTier1MulticastConfig used in hierarchical API. title: |- Wrapper object for PolicyTier1MulticastConfig x-vmw-nsx-module: PolicyMulticast ChildPolicyTlsConfigProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyTlsConfigProfile: $ref: '#/definitions/PolicyTlsConfigProfile' required: - PolicyTlsConfigProfile type: object x-vmw-nsx-module: PolicyTlsConfigProfile description: | Child wrapper object for PolicyTlsConfigProfile, used in hierarchical API title: |- Wrapper object for PolicyTlsConfigProfile x-vmw-nsx-module: PolicyTlsConfigProfile ChildPolicyTransportZone: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyTransportZone: $ref: '#/definitions/PolicyTransportZone' required: - PolicyTransportZone type: object x-vmw-nsx-module: PolicyTransportZone description: |- Child wrapper object for PolicyTransportZone, used in hierarchical API. title: |- Wrapper object for PolicyTransportZone x-vmw-nsx-module: PolicyTransportZone ChildPolicyTransportZoneProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyTransportZoneProfile: $ref: '#/definitions/PolicyTransportZoneProfile' required: - PolicyTransportZoneProfile type: object x-vmw-nsx-module: PolicyTransportZoneProfile description: |- Child wrapper object for PolicyTransportZoneProfile, used in hierarchical API. title: |- Wrapper object for PolicyTransportZoneProfile x-vmw-nsx-module: PolicyTransportZoneProfile ChildPolicyUrlCategorizationConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicyUrlCategorizationConfig: $ref: '#/definitions/PolicyUrlCategorizationConfig' required: - PolicyUrlCategorizationConfig type: object x-vmw-nsx-module: PolicyUrlCategorization description: |- Child wrapper object for PolicyUrlCategorizationConfig, used in hierarchical API title: |- Wrapper object for PolicyUrlCategorizationConfig x-vmw-nsx-module: PolicyUrlCategorization ChildPortDiscoveryProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PortDiscoveryProfileBindingMap: $ref: '#/definitions/PortDiscoveryProfileBindingMap' required: - PortDiscoveryProfileBindingMap type: object x-vmw-nsx-module: PolicyDiscoveryProfileBinding description: |- Child wrapper object for PortDiscoveryProfileBindingMap, used in hierarchical API title: |- Wrapper object for PortDiscoveryProfileBindingMap x-vmw-nsx-module: PolicyDiscoveryProfileBinding ChildPortMirroringProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PortMirroringProfile: $ref: '#/definitions/PortMirroringProfile' required: - PortMirroringProfile type: object x-vmw-nsx-module: PolicyPortMirroring description: |- Child wrapper object for PortMirroringProfile, used in hierarchical API title: |- Wrapper object for PortMirroringProfile x-vmw-nsx-module: PolicyPortMirroring ChildPortMonitoringProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PortMonitoringProfileBindingMap: $ref: '#/definitions/PortMonitoringProfileBindingMap' required: - PortMonitoringProfileBindingMap type: object x-vmw-nsx-module: PolicyMonitoringProfileBinding description: |- Child wrapper object for PortMonitoringProfileBindingMap, used in hierarchical API title: |- Wrapper object for PortMonitoringProfileBindingMap x-vmw-nsx-module: PolicyMonitoringProfileBinding ChildPortQoSProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PortQoSProfileBindingMap: $ref: '#/definitions/PortQoSProfileBindingMap' required: - PortQoSProfileBindingMap type: object x-vmw-nsx-module: PolicyQoSProfileBinding description: |- Child wrapper object for PortQoSProfileBindingMap, used in hierarchical API title: |- Wrapper object for PortQoSProfileBindingMap x-vmw-nsx-module: PolicyQoSProfileBinding ChildPortSecurityProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PortSecurityProfileBindingMap: $ref: '#/definitions/PortSecurityProfileBindingMap' required: - PortSecurityProfileBindingMap type: object x-vmw-nsx-module: PolicySecurityProfileBinding description: |- Child wrapper object for PortSecurityProfileBindingMap, used in hierarchical API title: |- Wrapper object for PortSecurityProfileBindingMap x-vmw-nsx-module: PolicySecurityProfileBinding ChildPrefixList: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PrefixList: $ref: '#/definitions/PrefixList' required: - PrefixList type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for PrefixList, used in hierarchical API. title: |- Wrapper object for PrefixList x-vmw-nsx-module: PolicyConnectivity ChildQoSProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: QoSProfile: $ref: '#/definitions/QoSProfile' required: - QoSProfile type: object x-vmw-nsx-module: PolicyQoS description: |- Child wrapper object for QoSProfile, used in hierarchical API title: |- Wrapper object for QoSProfile x-vmw-nsx-module: PolicyQoS ChildReaction: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Reaction: $ref: '#/definitions/Reaction' required: - Reaction type: object x-vmw-nsx-module: PolicyReaction description: | Child wrapper object for Reaction used in hierarchical API. title: |- Wrapper object for Reaction x-vmw-nsx-module: PolicyReaction ChildRedirectionPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: RedirectionPolicy: $ref: '#/definitions/RedirectionPolicy' required: - RedirectionPolicy type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Child wrapper object for RedirectionPolicy used in Hierarchical API. title: | Wrapper object for RedirectionPolicy x-vmw-nsx-module: PolicyServiceInsertion ChildRedirectionRule: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: RedirectionRule: $ref: '#/definitions/RedirectionRule' required: - RedirectionRule type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Child wrapper object for ChildRedirectionRule used in Hierarchical API. title: | Wrapper object for RedirectionRule x-vmw-nsx-module: PolicyServiceInsertion ChildResourceReference: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: children: description: | subtree for this type within policy tree containing nested elements. items: $ref: '#/definitions/ChildPolicyConfigResource' title: |- subtree for this type within policy tree type: array target_type: description: |- The target type of this reference title: |- The target type of this reference type: string required: - target_type type: object x-vmw-nsx-module: Policy description: |- Represents a reference to ChildPolicyConfigResource in the hierarchical API. resource_type, id and target_type are mandatory fields. title: |- Represents the reference to ChildPolicyConfigResource x-vmw-nsx-module: Policy ChildRule: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Rule: $ref: '#/definitions/Rule' required: - Rule type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for Rule, used in hierarchical API title: |- Wrapper object for Rule x-vmw-nsx-module: Policy ChildSIStatusConfiguration: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: PolicySIStatusConfiguration: $ref: '#/definitions/PolicySIStatusConfiguration' required: - PolicySIStatusConfiguration type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Wrapper object for PolicySIStatusConfiguration title: |- Wrapper object for PolicySIStatusConfiguration x-vmw-nsx-module: PolicyServiceInsertion ChildSecurityFeatures: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SecurityFeatures: $ref: '#/definitions/SecurityFeatures' required: - SecurityFeatures type: object x-vmw-nsx-module: PolicyGatewaySecurityFeature description: |- Child wrapper object for T1 Security Feature, used in hierarchical API title: |- Wrapper object for Security Feature x-vmw-nsx-module: PolicyGatewaySecurityFeature ChildSecurityPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SecurityPolicy: $ref: '#/definitions/SecurityPolicy' required: - SecurityPolicy type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for SecurityPolicy, used in hierarchical API title: |- Wrapper object for SecurityPolicy x-vmw-nsx-module: Policy ChildSegment: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Segment: $ref: '#/definitions/Segment' required: - Segment type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for Segment, used in hierarchical API. title: |- Wrapper object for Segment x-vmw-nsx-module: PolicyConnectivity ChildSegmentDiscoveryProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SegmentDiscoveryProfileBindingMap: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' required: - SegmentDiscoveryProfileBindingMap type: object x-vmw-nsx-module: PolicyDiscoveryProfileBinding description: |- Child wrapper object for SegmentDiscoveryProfileBindingMap, used in hierarchical API title: |- Wrapper object for SegmentDiscoveryProfileBindingMap x-vmw-nsx-module: PolicyDiscoveryProfileBinding ChildSegmentMonitoringProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SegmentMonitoringProfileBindingMap: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' required: - SegmentMonitoringProfileBindingMap type: object x-vmw-nsx-module: PolicyMonitoringProfileBinding description: |- Child wrapper object for SegmentMonitoringProfileBindingMap, used in hierarchical API title: |- Wrapper object for SegmentMonitoringProfileBindingMap x-vmw-nsx-module: PolicyMonitoringProfileBinding ChildSegmentPort: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SegmentPort: $ref: '#/definitions/SegmentPort' required: - SegmentPort type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for SegmentPort, used in hierarchical API title: |- Wrapper object for SegmentPort x-vmw-nsx-module: PolicyConnectivity ChildSegmentQoSProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SegmentQoSProfileBindingMap: $ref: '#/definitions/SegmentQoSProfileBindingMap' required: - SegmentQoSProfileBindingMap type: object x-vmw-nsx-module: PolicyQoSProfileBinding description: |- Child wrapper object for SegmentQoSProfileBindingMap, used in hierarchical API title: |- Wrapper object for SegmentQoSProfileBindingMap x-vmw-nsx-module: PolicyQoSProfileBinding ChildSegmentSecurityProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SegmentSecurityProfile: $ref: '#/definitions/SegmentSecurityProfile' required: - SegmentSecurityProfile type: object x-vmw-nsx-module: PolicySegmentSecurity description: |- Child wrapper object for SegmentSecurityProfile, used in hierarchical API title: |- Wrapper object for SegmentSecurityProfile x-vmw-nsx-module: PolicySegmentSecurity ChildSegmentSecurityProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SegmentSecurityProfileBindingMap: $ref: '#/definitions/SegmentSecurityProfileBindingMap' required: - SegmentSecurityProfileBindingMap type: object x-vmw-nsx-module: PolicySecurityProfileBinding description: |- Child wrapper object for SegmentSecurityProfileBindingMap, used in hierarchical API title: |- Wrapper object for SegmentSecurityProfileBindingMap x-vmw-nsx-module: PolicySecurityProfileBinding ChildService: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Service: $ref: '#/definitions/Service' required: - Service type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for Service, used in hierarchical API. title: |- Wrapper object for Service x-vmw-nsx-module: Policy ChildServiceEntry: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Service: $ref: '#/definitions/ServiceEntry' ServiceEntry: $ref: '#/definitions/ServiceEntry' required: - ServiceEntry type: object x-vmw-nsx-module: Policy description: |- Child wrapper object for ServiceEntry, used in hierarchical API. title: |- Wrapper object for ServiceEntry x-vmw-nsx-module: Policy ChildServiceInstanceEndpoint: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ServiceInstanceEndpoint: $ref: '#/definitions/ServiceInstanceEndpoint' required: - ServiceInstanceEndpoint type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Child wrapper object for ServiceInstanceEndpoint used in hierarchical API. title: |- Wrapper object for ServiceInstanceEndpoint x-vmw-nsx-module: PolicyServiceInsertion ChildServiceInterface: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ServiceInterface: $ref: '#/definitions/ServiceInterface' required: - ServiceInterface type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for ServiceInterface, used in hierarchical API. title: |- Wrapper object for ServiceInterface x-vmw-nsx-module: PolicyConnectivity ChildServiceReference: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ServiceReference: $ref: '#/definitions/ServiceReference' required: - ServiceReference type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Child wrapper object for ServiceReference used in hierarchical API. title: |- Wrapper object for ServiceReference x-vmw-nsx-module: PolicyServiceInsertion ChildServiceSegment: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ServiceSegment: $ref: '#/definitions/ServiceSegment' required: - ServiceSegment type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for ServiceSegment, used in hierarchical API title: |- Wrapper object for SerivceSegment x-vmw-nsx-module: PolicyConnectivity ChildSessionTimerProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SessionTimerProfileBindingMap: $ref: '#/definitions/SessionTimerProfileBindingMap' required: - SessionTimerProfileBindingMap type: object x-vmw-nsx-module: PolicyProfile description: | Child wrapper object for SessionTimerProfileBindingMap, used in hierarchical API title: |- Wrapper object for SessionTimerProfileBindingMap x-vmw-nsx-module: PolicyProfile ChildShaDynamicPlugin: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ShaPluginProfile: $ref: '#/definitions/ShaDynamicPlugin' required: - ShaPluginProfile type: object x-vmw-nsx-module: PolicySha description: |- Child wrapper object for ShaDynamicPlugin, used in hierarchical API title: |- Wrapper object for ShaDynamicPlugin x-vmw-nsx-module: PolicySha ChildShaPluginProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ShaPluginProfile: $ref: '#/definitions/ShaPluginProfile' required: - ShaPluginProfile type: object x-vmw-nsx-module: PolicySha description: |- Child wrapper object for ShaPluginProfile, used in hierarchical API title: |- Wrapper object for ShaPluginProfile x-vmw-nsx-module: PolicySha ChildShaPredefinedPlugin: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: ShaPluginProfile: $ref: '#/definitions/ShaPredefinedPlugin' required: - ShaPluginProfile type: object x-vmw-nsx-module: PolicySha description: |- Child wrapper object for ShaPredefinedPlugin, used in hierarchical API title: |- Wrapper object for ShaDynamicPlugin x-vmw-nsx-module: PolicySha ChildSite: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Site: $ref: '#/definitions/Site' required: - Site type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Child wrapper object for Site, used in hierarchical API. title: |- Wrapper object for Site x-vmw-nsx-module: PolicyEnforcementPointManagement ChildSpoofGuardProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SpoofGuardProfile: $ref: '#/definitions/SpoofGuardProfile' required: - SpoofGuardProfile type: object x-vmw-nsx-module: PolicySpoofGuard description: |- Child wrapper object for SpoofGuardProfile, used in hierarchical API title: |- Wrapper object for SpoofGuardProfile x-vmw-nsx-module: PolicySpoofGuard ChildStandaloneHostIdfwConfiguration: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: StandaloneHostIdfwConfiguration: $ref: '#/definitions/StandaloneHostIdfwConfiguration' required: - StandaloneHostIdfwConfiguration type: object x-vmw-nsx-module: PolicyFirewallConfiguration description: |- Wrapper object for StandaloneHostIdfwConfiguration title: |- Wrapper object for StandaloneHostIdfwConfiguration x-vmw-nsx-module: PolicyFirewallConfiguration ChildStaticARPConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: StaticARPConfig: $ref: '#/definitions/StaticARPConfig' required: - StaticARPConfig type: object x-vmw-nsx-module: PolicyConnectivity description: | Child wrapper object for StaticARPConfig, used in hierarchical API. title: |- Wrapper object for StaticARPConfig x-vmw-nsx-module: PolicyConnectivity ChildStaticMimeContent: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: TlsProfile: $ref: '#/definitions/StaticMimeContent' required: - TlsProfile type: object x-vmw-nsx-module: PolicyStaticMimeContent description: |- Child wrapper object for Static MIME content, used in hierarchical API title: |- Wrapper object for Child Static MIME content x-vmw-nsx-module: PolicyStaticMimeContent ChildStaticRouteBfdPeer: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: BfdPeer: $ref: '#/definitions/StaticRouteBfdPeer' required: - BfdPeer type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper for StaticRouteBfdPeer, used in hierarchical API. title: |- Wrapper object for StaticRouteBfdPeer x-vmw-nsx-module: PolicyConnectivity ChildStaticRoutes: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: StaticRoutes: $ref: '#/definitions/StaticRoutes' required: - StaticRoutes type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for StaticRoutes, used in hierarchical API. title: |- Wrapper object for StaticRoutes x-vmw-nsx-module: PolicyConnectivity ChildTagBulkOperation: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: TagBulkOperation: $ref: '#/definitions/TagBulkOperation' required: - TagBulkOperation type: object x-vmw-nsx-module: PolicyTag description: | Child wrapper object for TagBulkOperation, used in hierarchical API. title: |- Child wrapper object for TagBulkOperation x-vmw-nsx-module: PolicyTag ChildTier0: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Tier0: $ref: '#/definitions/Tier0' required: - Tier0 type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for Tier-0, used in hierarchical API. title: |- Wrapper object for Tier-0 x-vmw-nsx-module: PolicyConnectivity ChildTier0DeploymentMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Tier0DeploymentMap: $ref: '#/definitions/Tier0DeploymentMap' required: - Tier0DeploymentMap type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: | Child wrapper object for Tier0DeploymentMap, used in hierarchical API. title: |- Wrapper object for Tier0DeploymentMap x-vmw-nsx-module: PolicyEnforcementPointManagement ChildTier0Interface: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Tier0Interface: $ref: '#/definitions/Tier0Interface' required: - Tier0Interface type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for Tier0Interface, used in hierarchical API. title: |- Wrapper object for Tier0Interface x-vmw-nsx-module: PolicyConnectivity ChildTier0RouteMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Tier0RouteMap: $ref: '#/definitions/Tier0RouteMap' required: - Tier0RouteMap type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for Tier0RouteMap, used in hierarchical API title: |- Wrapper object for Tier0RouteMap x-vmw-nsx-module: PolicyConnectivity ChildTier0SecurityFeatures: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Tier0SecurityFeatures: $ref: '#/definitions/Tier0SecurityFeatures' required: - Tier0SecurityFeatures type: object x-vmw-nsx-module: PolicyGatewaySecurityFeature description: |- Child wrapper object for T0 Security Feature, used in hierarchical API title: |- Wrapper object for T0 Security Feature x-vmw-nsx-module: PolicyGatewaySecurityFeature ChildTier1: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Tier1: $ref: '#/definitions/Tier1' required: - Tier1 type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for Tier-1 , used in hierarchical API. title: |- Wrapper object for Tier-1 x-vmw-nsx-module: PolicyConnectivity ChildTier1DeploymentMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Tier1DeploymentMap: $ref: '#/definitions/Tier1DeploymentMap' required: - Tier1DeploymentMap type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: | Child wrapper object for Tier1DeploymentMap, used in hierarchical API. title: |- Wrapper object for Tier1DeploymentMap x-vmw-nsx-module: PolicyEnforcementPointManagement ChildTier1Interface: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: Tier1Interface: $ref: '#/definitions/Tier1Interface' required: - Tier1Interface type: object x-vmw-nsx-module: PolicyConnectivity description: | Child wrapper object for Tier1Interface, used in hierarchical API. title: |- Wrapper object for Tier1Interface x-vmw-nsx-module: PolicyConnectivity ChildTlsCertificate: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: TlsCertificate: $ref: '#/definitions/TlsCertificate' required: - TlsCertificate type: object x-vmw-nsx-module: PolicyCertificate description: |- Child wrapper for TlsCertificate, used in hierarchical API. title: |- Wrapper object for TlsCertificate x-vmw-nsx-module: PolicyCertificate ChildTlsConfigProfileBindingMap: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: SessionTimerProfileBindingMap: $ref: '#/definitions/TlsConfigProfileBindingMap' required: - SessionTimerProfileBindingMap type: object x-vmw-nsx-module: PolicyTlsConfigProfile description: | Child wrapper object for TlsConfigProfileBindingMap, used in hierarchical API title: |- Wrapper object for TlsConfigProfileBindingMap x-vmw-nsx-module: PolicyTlsConfigProfile ChildTlsCrl: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: TlsCrl: $ref: '#/definitions/TlsCrl' required: - TlsCrl type: object x-vmw-nsx-module: PolicyCertificate description: |- Child wrapper for TlsCrl, used in hierarchical API. title: |- Wrapper object for TlsCrl x-vmw-nsx-module: PolicyCertificate ChildTlsPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: TlsPolicy: $ref: '#/definitions/TlsPolicy' required: - TlsPolicy type: object x-vmw-nsx-module: PolicyTls description: |- Child wrapper object for TLSPolicy, used in hierarchical API title: |- Wrapper object for TlsPolicy x-vmw-nsx-module: PolicyTls ChildTlsProfile: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: TlsProfile: $ref: '#/definitions/TlsProfile' required: - TlsProfile type: object x-vmw-nsx-module: PolicyTlsActionProfile description: |- Child wrapper object for TLS Profile, used in hierarchical API title: |- Wrapper object for Child TLS Profile x-vmw-nsx-module: PolicyTlsActionProfile ChildTlsRule: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: TlsRule: $ref: '#/definitions/TlsRule' required: - TlsRule type: object x-vmw-nsx-module: PolicyTls description: |- Child wrapper object for Rule, used in hierarchical API title: |- Wrapper object for Rule x-vmw-nsx-module: PolicyTls ChildTlsTrustData: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: TlsTrustData: $ref: '#/definitions/TlsTrustData' required: - TlsTrustData type: object x-vmw-nsx-module: PolicyCertificate description: |- Child wrapper for TlsTrustData, used in hierarchical API. title: |- Wrapper object for TlsTrustData x-vmw-nsx-module: PolicyCertificate ChildTraceflowConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: TraceflowConfig: $ref: '#/definitions/TraceflowConfig' required: - TraceflowConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper for TraceflowConfig, used in hierarchical API title: |- Wrapper object for TraceflowConfig x-vmw-nsx-module: PolicyConnectivity ChildVMTagReplicationPolicy: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: VMTagReplicationPolicy: $ref: '#/definitions/VMTagReplicationPolicy' required: - VMTagReplicationPolicy type: object x-vmw-nsx-module: VMTagReplicationPolicy description: |- Child wrapper object for VMTagReplicationPolicy, used in hierarchical API title: |- Wrapper object for VMTagReplicationPolicy x-vmw-nsx-module: VMTagReplicationPolicy ChildVirtualEndpoint: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: VirtualEndpoint: $ref: '#/definitions/VirtualEndpoint' required: - VirtualEndpoint type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Child wrapper object for VirtualEndpoint used in hierarchical API. title: |- Wrapper object for VirtualEndpoint x-vmw-nsx-module: PolicyServiceInsertion ChildVniPoolConfig: allOf: - $ref: '#/definitions/ChildPolicyConfigResource' - properties: VniPoolConfig: $ref: '#/definitions/VniPoolConfig' required: - VniPoolConfig type: object x-vmw-nsx-module: PolicyConnectivity description: |- Child wrapper object for VniPoolConfig, used in hierarchical API. title: |- Wrapper object for VniPoolConfig x-vmw-nsx-module: PolicyConnectivity CidrArrayConstraintValue: allOf: - $ref: '#/definitions/ConstraintValue' - properties: values: description: |- This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64". items: description: | IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64" format: address-or-block-or-range type: string maxItems: 100 minItems: 1 title: |- Array of IP addresses type: array required: - values type: object x-vmw-nsx-module: PolicyConstraints description: |- List of CIDR values title: |- Array of CIDR Values to perform operation x-vmw-nsx-module: PolicyConstraints ClasslessStaticRoute: description: |- DHCP classless static route option. properties: network: description: |- Destination network in CIDR format. format: address-or-block-or-range type: string next_hop: description: |- IP address of next hop of the route. format: ip type: string required: - next_hop - network title: |- DHCP classless static route option type: object x-vmw-nsx-module: Dhcp CloudNativeDeploymentAction: description: |- Action to be perform on deployment. properties: action: description: | Action can be deploy or undeploy. DEPLOY - Deploy NSX Application Platform charts. UNDEPLOY - Undeploy NSX Application Platform charts. REDEPLOY - Redeploy NSX Application Platform charts. UPDATE_FORMFACTOR - Upgrade NSX Application Platform charts. REDEPLOY_UPDATE_FORMFACTOR - Retry update NSX Application Platform charts. FORCE_UNDEPLOY - Undeploy forcefully. RESTART - Restart deployment. RESET - Reset deployment. enum: - DEPLOY - UNDEPLOY - REDEPLOY - UPDATE_FORMFACTOR - REDEPLOY_UPDATE_FORMFACTOR - FORCE_UNDEPLOY - RESTART - RESET title: |- Deployment action type: string required: - action title: |- Action type: object x-vmw-nsx-module: PolicyCloudNative CloudNativeDeploymentConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cluster_id: description: |- Unique id to identify kubernetes guest cluster. title: |- Kubernetes cluster id type: string deployment_action: $ref: '#/definitions/CloudNativeDeploymentAction' kubeconf_info: $ref: '#/definitions/KubeconfigInfo' storage_class: description: |- Kubernetes storage class title: |- Kubernetes storage class type: string version: description: |- Deployment version in use. title: |- Deployment version in use type: string type: object x-vmw-nsx-module: PolicyCloudNative description: |- Configuration for NSX Application Platform deployment. title: |- Common configuration for NSX Application Platform deployments x-vmw-nsx-module: PolicyCloudNative CloudNativeServiceInstance: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: external_id: description: | Id of service instance fetched from public cloud. readOnly: true title: |- External id of cloud native service instance in the system. type: string service_type: description: |- Type of cloud native service. readOnly: true title: |- Type of cloud native service; possible values are ELB, RDS type: string source: $ref: '#/definitions/ResourceReference' type: object x-vmw-nsx-module: InventoryCloudObj description: |- Stores the information about cloud native service instance. x-vmw-nsx-module: InventoryCloudObj ClusterBackupInfo: description: |- Cluster backup details properties: ip_address: description: |- IP address or FQDN of the node from which the backup was taken format: hostname-or-ip readOnly: true title: |- IP address or FQDN of the node from which the backup was taken type: string node_id: description: |- ID of the node from which the backup was taken readOnly: true title: |- ID of the node from which the backup was taken type: string restore_type: default: [] description: |- Type of restore allowed items: enum: - REGULAR_RESTORE - POLICY_ONLY_RESTORE type: string readOnly: true title: |- Type of restore allowed type: array uniqueItems: true timestamp: description: |- timestamp of the cluster backup file format: int64 readOnly: true type: integer title: |- Cluster backup details type: object x-vmw-nsx-module: ClusterRestore ClusterBackupInfoListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of timestamps of backed-up cluster files items: $ref: '#/definitions/ClusterBackupInfo' readOnly: true title: |- List of timestamps of backed-up cluster files type: array type: object x-vmw-nsx-module: ClusterRestore x-vmw-nsx-module: ClusterRestore ClusterControlPlane: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: certificate: description: | This property should be afford in create process. title: |- certificate for this cluster control plane type: string node_id: description: | This property is used to identify the cluster control plane in NSX-T. This id should assigned by NSX-T in create process. title: |- Unique Id of the cluster control plane type: string vhc_path: description: | This property should be afford in create process for VHC module requirement. title: |- vhc path for this cluster control plane type: string type: object x-vmw-nsx-module: ClusterControlPlane description: | Cluster control plane is a hierarchical extension of the NSX-T control plane. It allows NSX to manage multiple clusters. There is an instance of cluster control plane in each managed cluster. The cluster control plane is responsible for the traffic management, span calculation and it can work on its own. NSX-T central control plane distributes high-level network configurations like security policies and groups to cluster control planes, and each cluster control plane computes and realizes the configurations on the managed cluster. title: |- Cluster Control Plane x-vmw-nsx-module: ClusterControlPlane ClusterControlPlaneListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: | This property include all cluster control Plane in NSX-T. items: $ref: '#/definitions/ClusterControlPlane' readOnly: true title: |- Cluster Control Plane Results type: array type: object x-vmw-nsx-module: ClusterControlPlane description: |- Cluster Control Plane queries result title: |- Cluster Control Plane queries result x-vmw-nsx-module: ClusterControlPlane ClusterMemberDetails: description: | Details of the member belonging to a Group properties: cluster_id: description: |- The Antrea cluster id of the pod readOnly: true title: |- The Antrea cluster id of the pod type: string cluster_name: description: |- The Antrea cluster name of the pod readOnly: true title: |- The Antrea cluster name of the pod type: string namespaces: items: $ref: '#/definitions/NamespaceMemberDetails' type: array required: - namespaces title: |- Group member details type: object x-vmw-nsx-module: PolicyGroupRealization ClusterRestoreStatus: description: |- Cluster restore status properties: backup_timestamp: description: |- Timestamp when backup was initiated in epoch millisecond format: int64 readOnly: true type: integer endpoints: description: | The list of allowed endpoints, based on the current state of the restore process items: $ref: '#/definitions/ResourceLink' readOnly: true title: | The list of allowed endpoints, based on the current state of the restore process type: array id: description: |- Unique id for backup request readOnly: true title: |- Unique id for backup request type: string instructions: description: |- Instructions for users to reconcile Restore operations items: $ref: '#/definitions/InstructionInfo' readOnly: true title: |- Instructions for users to reconcile Restore operations type: array not_allowed_actions: default: [] description: |- List of actions that are not allowed items: enum: - VC_UPDATES type: string readOnly: true title: |- List of actions that are not allowed type: array uniqueItems: true restore_end_time: description: |- Timestamp when restore was completed in epoch millisecond format: int64 readOnly: true type: integer restore_start_time: description: |- Timestamp when restore was started in epoch millisecond format: int64 readOnly: true type: integer status: $ref: '#/definitions/GlobalRestoreStatus' step: $ref: '#/definitions/RestoreStep' total_steps: description: |- Total number of steps in the entire restore process format: int64 readOnly: true title: |- Total number of steps in the entire restore process type: integer title: |- Cluster restore status type: object x-vmw-nsx-module: ClusterRestore ColumnItem: description: |- Represents a column of the Grid properties: column_identifier: description: |- Identifies the column and used for fetching content upon an user click or drilldown. If column identifier is not provided, the column's data will not participate in searches and drilldowns. title: |- Identifier for this column type: string drilldown_id: description: |- Id of drilldown widget, if any. Id should be a valid id of an existing widget. maxLength: 255 title: |- Id of drilldown widget type: string field: description: |- Field from which values of the column will be derived. maxLength: 1024 title: |- Column Field type: string hidden: default: false description: |- If set to true, hides the column title: |- Hide the column type: boolean label: $ref: '#/definitions/Label' navigation: description: |- Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used. maxLength: 1024 title: |- Navigation to a specified UI page type: string render_configuration: description: |- Render configuration to be applied, if any. items: $ref: '#/definitions/RenderConfiguration' title: |- Render Configuration type: array sort_ascending: default: true description: |- If true, the value of the column are sorted in ascending order. Otherwise, in descending order. title: |- Represents order of sorting the values type: boolean sort_key: description: |- Sorting on column is based on the sort_key. sort_key represents the field in the output data on which sort is requested. maxLength: 255 title: |- Key for sorting on this column type: string tooltip: description: |- Multi-line text to be shown on tooltip while hovering over a cell in the grid. items: $ref: '#/definitions/Tooltip' title: |- Multi-line tooltip type: array type: default: String description: |- Data type of the field. enum: - String - Number - Date maxLength: 255 title: |- Field data type type: string required: - field - type - label title: |- Grid Column type: object x-vmw-nsx-module: NsxDashboard CommonAgentEndpointInfo: description: | An endpoint to connect to Kafka/ingress of the NSX Application Platform. Either FQDN or IP address can be used in the endpoint info. properties: address: description: | The IP address or the full qualified domain name of Kafka broker/ingress. format: hostname-or-ip title: |- address type: string port: description: | The port number where the broker is listening to. format: int64 maximum: 65535 minimum: 1 title: |- port number type: integer required: - address title: |- NSX Application Platform Kafka/ingress endpoints type: object x-vmw-nsx-module: PolicyCloudNativeCommonAgent CommonAgentHostConfigurationInfo: allOf: - $ref: '#/definitions/ManagedResource' - properties: ingress_certificate: description: | A ingress certificate to verify the identity of brokers. title: |- Broker certificate type: string ingress_endpoint: description: | List of NSX Application Platform ingress endpoints that host nodes contact initially. items: $ref: '#/definitions/CommonAgentEndpointInfo' title: |- List of NSX Application Platform ingress endpoints type: array kafka_certificate: description: | A Kafka broker certificate to verify the identity of brokers. title: |- Broker certificate type: string kafka_endpoint: description: | List of NSX Application Platform broker endpoints that host nodes contact initially. items: $ref: '#/definitions/CommonAgentEndpointInfo' title: |- List of NSX Application Platform Kafka broker endpoints type: array nsx_cluster_id: description: | Cluster id of the NSX Manager cluster. title: |- Cluster id of the NSX Manager cluster type: string private_ip_range: description: | List of private IP prefix that NSX Application Platform Common Agent network flow is collected from. items: $ref: '#/definitions/CommonAgentPrivateIpRangeInfo' title: |- List of private IP prefix type: array truststore: description: | A truststore to establish the trust between NSX and NSX Application Platform. title: |- truststore type: string type: object x-vmw-nsx-module: PolicyCloudNativeCommonAgent description: | NSX Application Platform Common Agent configuration that can be applied to host nodes. title: |- NSX Application Platform Common Agent host configuration x-vmw-nsx-module: PolicyCloudNativeCommonAgent CommonAgentPrivateIpRangeInfo: description: | An IP prefix to mark the private network that NSX Application Platform Common Agent network flow is collected from. properties: address: description: | The prefix of IP address that marks the range of private network. format: ip type: string address_type: description: | The type of IP address. enum: - IPV4 - IPV6 title: |- IP address type type: string prefix_length: description: | The length of IP address prefix that marks the range of private network. format: int64 maximum: 128 minimum: 1 title: |- IP prefix length type: integer required: - address_type - prefix_length - address title: |- NSX Application Platform Common Agent private IP prefix type: object x-vmw-nsx-module: PolicyCloudNativeCommonAgent CommunicationEntry: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: action: description: | The action to be applied to all the services. enum: - ALLOW - DROP - REJECT title: |- Action type: string destination_groups: description: | We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. items: type: string maxItems: 128 title: |- Destination group paths type: array direction: default: IN_OUT description: | Define direction of traffic. enum: - IN - OUT - IN_OUT title: |- Direction type: string disabled: default: false description: |- Flag to disable the rule. Default is enabled. readOnly: false title: |- Flag to disable the rule type: boolean logged: default: false description: |- Flag to enable packet logging. Default is disabled. readOnly: false title: |- Enable logging flag type: boolean notes: description: |- Text for additional notes on changes. title: |- Text for additional notes on changes type: string scope: description: | The list of policy paths where the communication entry is applied Edge/LR/T0/T1/LRP/CGW/MGW/etc. Note that a given rule can be applied on multiple LRs/LRPs. items: type: string maxItems: 128 type: array sequence_number: description: | This field is used to resolve conflicts between multiple CommunicationEntries under CommunicationMap for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple communication entries with the same sequence number then their order is not deterministic. If a specific order of communication entry is desired, then one has to specify unique sequence numbers or use the POST request on the communication entry entity with a query parameter action=revise to let the framework assign a sequence number format: int32 title: |- Sequence number of the this CommunicationEntry type: integer services: description: | In order to specify all services, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values. items: type: string maxItems: 128 title: |- Names of services type: array source_groups: description: | We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. items: type: string maxItems: 128 title: |- Source group paths type: array tag: description: | User level field which will be printed in CLI and packet logs. maxLength: 32 title: |- Tag applied on the communication entry type: string type: object x-vmw-nsx-module: Policy description: |- A communication entry indicates the action to be performed for various types of traffic flowing between workload groups. This type is deprecated. Use the type Rule instead. title: |- A communication entry specifies the security policy between the workload groups x-vmw-nsx-module: Policy CommunicationEntryListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- CommunicationEntry list results items: $ref: '#/definitions/CommunicationEntry' title: |- CommunicationEntry list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- This type is deprecated. Use the type RuleListResult instead. title: |- Paged Collection of CommunicationEntries x-vmw-nsx-module: Policy CommunicationInsertParameters: description: | Parameters to let the admin specify a relative position of a communication map or communication entry w.r.t to another one. This type is deprecated. Use the type RuleInsertParameters instead. properties: anchor_path: description: | The communication map/communication entry path if operation is 'insert_after' or 'insert_before' title: | The communication map/communication entry path if operation is 'insert_after' or 'insert_before' type: string operation: default: insert_top description: |- Operation enum: - insert_top - insert_bottom - insert_after - insert_before title: |- Operation type: string title: | Parameters to tell where communication map/communication entry needs to be placed type: object x-vmw-nsx-module: Policy CommunicationMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: category: description: | - Distributed Firewall - Policy framework for Distributed Firewall provides four pre-defined categories for classifying a communication map. They are "Emergency", "Infrastructure", "Environment" and "Application". Amongst the layer 3 communication maps,there is a pre-determined order in which the policy framework manages the priority of these communication maps. Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a communication map into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four layer 3 categories. title: |- A way to classify a communication map, if needed. type: string communication_entries: description: |- CommunicationEntries that are a part of this CommunicationMap items: $ref: '#/definitions/CommunicationEntry' title: |- CommunicationEntries that are a part of this CommunicationMap type: array precedence: description: | This field is used to resolve conflicts between communication maps across domains. In order to change the precedence of a communication map one can fire a POST request on the communication map entity with a query parameter action=revise The precedence field will reflect the value of the computed precedence upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several communication maps, the only way to set the precedence is to explicitly specify the precedence number for each communication map. If no precedence is specified in the payload, a value of 0 is assigned by default. If there are multiple communication maps with the same precedence then their order is not deterministic. If a specific order of communication map is desired, then one has to specify a unique precedence or use the POST request on the communication map entity with a query parameter action=revise to let the framework assign a precedence format: int32 title: |- Precedence to resolve conflicts across Domains type: integer type: object x-vmw-nsx-module: Policy description: | Ordered list of CommunicationEntries. This object is created by default along with the Domain. This type is deprecated. Use the type SecurityPolicy instead. title: |- Contains ordered list of CommunicationEntries x-vmw-nsx-module: Policy CommunicationMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- CommunicationMap list results items: $ref: '#/definitions/CommunicationMap' title: |- CommunicationMap list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- This type is deprecated. Use the type SecurityPolicyListResult instead. title: |- Paged Collection of Communication map x-vmw-nsx-module: Policy CommunityList: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: communities: description: | List of BGP community entries. Both standard and large communities are supported. Standard community format: aa:nn where aa and nn must be within the range [1 - 65536]. Large BGP Community format: aa:bb:nn where aa (Global Administrator), bb (Local Data Part 1) and nn (Local Data Part 2) must be within the range [1 - 4294967295]. In additon to numbered communites (e.g. 3356:2040), predefined communities (NO_EXPORT, NO_ADVERTISE, NO_EXPORT_SUBCONFED) are supported. items: type: string minItems: 1 title: |- List of BGP community entries type: array required: - communities type: object x-vmw-nsx-module: PolicyConnectivity description: |- Community list for BGP routing configuration title: |- Community list for BGP routing configuration x-vmw-nsx-module: PolicyConnectivity CommunityListListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- CommunityList results items: $ref: '#/definitions/CommunityList' title: |- CommunityList results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of CommunityLists title: |- Paged collection of CommunityLists x-vmw-nsx-module: PolicyConnectivity CommunityMatchCriteria: description: |- Match criteria based on a community list properties: criteria: description: | Match criteria specified as a community list path or a regular expression. title: |- Match criteria based on community list path or a regular expression type: string match_operator: description: | Match operator for community list entries. Not valid when a regular expression is specified for criteria. enum: - MATCH_ANY - MATCH_ALL - MATCH_EXACT - MATCH_COMMUNITY_REGEX - MATCH_LARGE_COMMUNITY_REGEX title: |- Match operator for community list entries type: string required: - criteria title: |- Match criteria based on a community list type: object x-vmw-nsx-module: PolicyConnectivity CompatibilityCheckResult: description: | Result of prechecks run for onboarding standby Global Manager or remote site. The checks include NSX version compatibility with active Global Manager, Round Trip Time (RTT), etc. Note that some of checks like RTT are soft limits. properties: local_nsx_version: description: |- Local Site NSX version where active Global Mananger is running. readOnly: true title: |- Local Site NSX version where active Global Mananger is running type: string nsx_version: description: |- Remote Site NSX version. readOnly: true title: |- Remote Site NSX version type: string rtt: description: | Round trip time to the remote Site or Global Manager from active Global Manager. format: int64 readOnly: true title: | Round trip time to the remote Site or Global Manager from active Global Manager type: integer rtt_exceeded: description: | Flag to indicate if RTT to remote Site exceeds the recommended limit. readOnly: true title: |- Flag to indicate if RTT to remote Site exceeds the recommended limit type: boolean version_compatible: description: | Flag to indicate if remote Site NSX version is compatible with active Global Manager. readOnly: true title: |- Flag to indicate if remote Site NSX version is compatible type: boolean title: | Precheck result for onboaring standby Global Manager or remote Site to federation type: object x-vmw-nsx-module: PolicySiteGM ComponentConditionItem: description: |- This indicate component health condition and the reason why not healthy. properties: condition_type: description: | Indicate which component condition it is. enum: - CONTROLLER_HEALTHY - MP_ADAPTER_HEALTHY - MP_CONNECTED - CCP_ADAPTER_HEALTHY - CCP_SESSION_STATE_UP readOnly: true type: string last_heartbeat_time: description: | Time unit is millisecond. format: int64 type: integer message: description: | Additional condition information. title: |- Antrea Component condition message type: string reason: description: | Indicate why not healthy. title: |- Reason of unhealthy status type: string status: description: | Indicate healthy or unhealthy. enum: - HEALTHY - UNHEALTHY type: string title: |- Antrea Component condition type: object x-vmw-nsx-module: PolicyAntreaMonitoring ComputeClusterIdfwConfiguration: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cluster_idfw_enabled: description: |- If set to true, idfw is enabled for this cluster readOnly: false title: |- Idfw enabled flag type: boolean member: $ref: '#/definitions/PolicyResourceReference' required: - member - cluster_idfw_enabled type: object x-vmw-nsx-module: PolicyFirewallConfiguration description: | Idfw configuration for enable/disable idfw on cluster level. title: |- Compute cluster idfw configuration x-vmw-nsx-module: PolicyFirewallConfiguration ComputeClusterIdfwConfigurationListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Compute cluster wise identity firewall configuration list results items: $ref: '#/definitions/ComputeClusterIdfwConfiguration' title: |- Compute cluster wise identity firewall configuration list results type: array required: - results type: object x-vmw-nsx-module: PolicyFirewallConfiguration description: |- Paged collection of compute cluster idfw configuration title: |- Paged collection of compute cluster idfw configuration x-vmw-nsx-module: PolicyFirewallConfiguration ComputeCollection: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: cm_local_id: description: |- Local Id of the compute collection in the Compute Manager readOnly: true title: |- Local Id of the compute collection in the Compute Manager type: string external_id: description: | External ID of the ComputeCollection in the source Compute manager, e.g. mo-ref in VC readOnly: true title: | External ID of the ComputeCollection in the source Compute manager, e.g. mo-ref in VC type: string origin_id: description: |- Id of the compute manager from where this Compute Collection was discovered readOnly: true title: |- Id of the compute manager from where this Compute Collection was discovered type: string origin_properties: description: | Key-Value map of additional specific properties of compute collection in the Compute Manager items: $ref: '#/definitions/KeyValuePair' readOnly: true title: | Key-Value map of additional specific properties of compute collection in the Compute Manager type: array origin_type: description: | ComputeCollection type like VC_Cluster. Here the Compute Manager type prefix would help in differentiating similar named Compute Collection types from different Compute Managers readOnly: true title: | ComputeCollection type like VC_Cluster. Here the Compute Manager type prefix would help in differentiating similar named Compute Collection types from different Compute Managers type: string owner_id: description: |- Id of the owner of compute collection in the Compute Manager readOnly: true title: |- Id of the owner of compute collection in the Compute Manager type: string type: object x-vmw-nsx-module: InventoryCmObj x-vmw-nsx-module: InventoryCmObj ComputeManagerTopology: description: |- Details where NVDS will be migrated to properties: compute_manager_id: description: |- Identifier of vcenter where VDS will be created title: |- Identifier of vcenter where VDS will be created type: string dvswitch: description: |- Datacenter, VDS mapping items: $ref: '#/definitions/VdsTopology' title: |- Datacenter, VDS mapping type: array required: - dvswitch - compute_manager_id title: |- Details where NVDS will be migrated to type: object x-vmw-nsx-module: NvdsUpgradeReadinessCheck Condition: allOf: - $ref: '#/definitions/Expression' - properties: key: description: |- Key enum: - Tag - Name - OSName - ComputerName - NodeType - GroupType title: |- Key type: string member_type: description: |- Group member type enum: - IPSet - VirtualMachine - LogicalPort - LogicalSwitch - Segment - SegmentPort - Pod - Service - Namespace - TransportNode - Group - DVPG - DVPort title: |- Group member type type: string operator: description: | Operator is made non-mandatory to support Segment and SegmentPort tag based expression. To evaluate expression for other types, operator value should be provided. enum: - EQUALS - CONTAINS - STARTSWITH - ENDSWITH - NOTEQUALS - NOTIN title: |- operator type: string scope_operator: description: | Default operator when not specified explicitly would be considered as EQUALS. If value for Condition is empty, then condition will not be evaluated. For example, Condition with key as Tag and value as "|tag" would be evaluated for tag value not for empty scope value. enum: - EQUALS - NOTEQUALS title: |- operator type: string value: description: |- Value minLength: 1 title: |- Value type: string required: - value - key - member_type type: object x-vmw-nsx-module: Policy description: | Represents the leaf level condition. Evaluation of the condition expression will be case insensitive. title: |- Represents the leaf level condition x-vmw-nsx-module: Policy ConditionalValueConstraintExpression: description: | Represents the leaf level expression to restrict the target attribute value based on the set of existing values. Generally, used in combination with RelatedAttributeConditionalExpression to constraint the values related to another attribute on the same resource. This object is always used in conjunction with some exression. Example - { "condition" : { "operator":"INCLUDES", "rhs_value": ["/infra/domains/mgw/groups/VCENTER", "/infra/domains/mgw/groups/SRM", "/infra/domains/mgw/groups/NSX"], "value_constraint": { "resource_type": "ValueConstraintExpression", "operator":"EXCLUDES", "values":["/infra/domains/mgw/groups/VCENTER", "/infra/domains/mgw/groups/SRM", "/infra/domains/mgw/groups/NSX"] } } properties: operator: description: |- Set operation to constraint values. enum: - INCLUDES - EXCLUDES - EQUALS title: |- Set operation to constraint values. type: string rhs_value: description: |- List of values. items: type: string title: |- Array of values to perform operation. type: array rhs_value_with_type: $ref: '#/definitions/ConstraintValue' value_constraint: $ref: '#/definitions/ValueConstraintExpression' required: - operator - value_constraint title: |- Represents the leaf level conditional value constraint. type: object x-vmw-nsx-module: PolicyConstraints ConfigurationState: description: |- Describes status of configuration of an entity properties: details: description: |- Array of configuration state of various sub systems items: $ref: '#/definitions/ConfigurationStateElement' readOnly: true title: |- Array of configuration state of various sub systems type: array failure_code: description: |- Error code format: int64 readOnly: true title: |- Error code type: integer failure_message: description: |- Error message in case of failure readOnly: true title: |- Error message in case of failure type: string state: description: | Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. "in_sync" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to "success". Please note, failed state is deprecated. enum: - pending - in_progress - success - failed - partial_success - orphaned - unknown - error - in_sync - NOT_AVAILABLE - VM_DEPLOYMENT_QUEUED - VM_DEPLOYMENT_IN_PROGRESS - VM_DEPLOYMENT_FAILED - VM_POWER_ON_IN_PROGRESS - VM_POWER_ON_FAILED - REGISTRATION_PENDING - NODE_NOT_READY - NODE_READY - VM_POWER_OFF_IN_PROGRESS - VM_POWER_OFF_FAILED - VM_UNDEPLOY_IN_PROGRESS - VM_UNDEPLOY_FAILED - VM_UNDEPLOY_SUCCESSFUL - EDGE_CONFIG_ERROR - VM_DEPLOYMENT_RESTARTED - REGISTRATION_FAILED - TRANSPORT_NODE_SYNC_PENDING - TRANSPORT_NODE_CONFIGURATION_MISSING - EDGE_HARDWARE_NOT_SUPPORTED - MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED - TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER - TZ_ENDPOINTS_NOT_SPECIFIED - NO_PNIC_PREPARED_IN_EDGE - APPLIANCE_INTERNAL_ERROR - VTEP_DHCP_NOT_SUPPORTED - UNSUPPORTED_HOST_SWITCH_PROFILE - UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED - HOSTSWITCH_PROFILE_NOT_FOUND - LLDP_SEND_ENABLED_NOT_SUPPORTED - UNSUPPORTED_NAMED_TEAMING_POLICY - LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM - LACP_NOT_SUPPORTED_FOR_EDGE_VM - STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM - MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE - UNSUPPORTED_LACP_LB_ALGO_FOR_NODE - EDGE_NODE_VERSION_NOT_SUPPORTED - NO_PNIC_SPECIFIED_IN_TN - INVALID_PNIC_DEVICE_NAME - TRANSPORT_NODE_READY - VM_NETWORK_EDIT_PENDING - UNSUPPORTED_DEFAULT_TEAMING_POLICY - MPA_DISCONNECTED - VM_RENAME_PENDING - VM_CONFIG_EDIT_PENDING - VM_NETWORK_EDIT_FAILED - VM_RENAME_FAILED - VM_CONFIG_EDIT_FAILED - VM_CONFIG_DISCREPANCY - VM_NODE_REFRESH_FAILED - VM_PLACEMENT_REFRESH_FAILED - REGISTRATION_TIMEDOUT - REPLACE_FAILED - UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED - LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING - DELETE_VM_IN_REDEPLOY_FAILED - DEPLOY_VM_IN_REDEPLOY_FAILED - INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE - VM_RESOURCE_RESERVATION_FAILED - DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER - DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING - EDGE_NODE_SETTINGS_MISMATCH_RESOLVE - EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE - EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE - EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE - COMPUTE_MANAGER_NOT_FOUND readOnly: true title: |- Overall state of desired configuration type: string title: |- Describes status of configuration of an entity type: object x-vmw-nsx-module: Common ConfigurationStateElement: description: |- Describes status of configuration of an entity properties: failure_code: description: |- Error code format: int64 readOnly: true title: |- Error code type: integer failure_message: description: |- Error message in case of failure readOnly: true title: |- Error message in case of failure type: string state: description: |- State of configuration on this sub system enum: - in_progress - success - failed - partial_success - in_sync - VM_DEPLOYMENT_FAILED - VM_POWER_ON_FAILED - VM_POWER_OFF_FAILED - VM_UNDEPLOY_FAILED - REPLACE_FAILED - UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED - LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING - DELETE_VM_IN_REDEPLOY_FAILED - DEPLOY_VM_IN_REDEPLOY_FAILED - INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE - EDGE_CONFIG_ERROR - REGISTRATION_FAILED - TRANSPORT_NODE_CONFIGURATION_MISSING - EDGE_HARDWARE_NOT_SUPPORTED - MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED - TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER - TZ_ENDPOINTS_NOT_SPECIFIED - NO_PNIC_PREPARED_IN_EDGE - APPLIANCE_INTERNAL_ERROR - VTEP_DHCP_NOT_SUPPORTED - UNSUPPORTED_HOST_SWITCH_PROFILE - UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED - HOSTSWITCH_PROFILE_NOT_FOUND - LLDP_SEND_ENABLED_NOT_SUPPORTED - UNSUPPORTED_NAMED_TEAMING_POLICY - LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM - LACP_NOT_SUPPORTED_FOR_EDGE_VM - STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM - MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE - UNSUPPORTED_LACP_LB_ALGO_FOR_NODE - EDGE_NODE_VERSION_NOT_SUPPORTED - NO_PNIC_SPECIFIED_IN_TN - INVALID_PNIC_DEVICE_NAME - UNSUPPORTED_DEFAULT_TEAMING_POLICY - MPA_DISCONNECTED - VM_NETWORK_EDIT_PENDING - VM_RENAME_PENDING - VM_CONFIG_EDIT_PENDING - VM_NETWORK_EDIT_FAILED - VM_RENAME_FAILED - VM_CONFIG_EDIT_FAILED - VM_CONFIG_DISCREPANCY - VM_NODE_REFRESH_FAILED - VM_PLACEMENT_REFRESH_FAILED - NOT_AVAILABLE - REGISTRATION_TIMEDOUT - pending - orphaned - unknown - error readOnly: true title: |- State of configuration on this sub system type: string sub_system_address: description: |- URI of backing resource on sub system readOnly: true title: |- URI of backing resource on sub system type: string sub_system_id: description: |- Identifier of backing resource on sub system readOnly: true title: |- Identifier of backing resource on sub system type: string sub_system_name: description: |- Name of backing resource on sub system readOnly: true title: |- Name of backing resource on sub system type: string sub_system_type: description: |- Type of backing resource on sub system readOnly: true title: |- Type of backing resource on sub system type: string title: |- Describes status of configuration of an entity type: object x-vmw-nsx-module: Common ConjunctionOperator: allOf: - $ref: '#/definitions/Expression' - properties: conjunction_operator: description: |- Conjunction Operator Node enum: - OR - AND title: |- Conjunction Operator Node type: string required: - conjunction_operator type: object x-vmw-nsx-module: Policy description: |- Represents the operators AND or OR. title: |- Represents the operators AND or OR x-vmw-nsx-module: Policy ConnectivityAdvancedConfig: description: |- Advanced configuration for Policy connectivity properties: connectivity: default: 'ON' description: | Connectivity configuration to manually connect (ON) or disconnect (OFF) Tier-0/Tier1 segment from corresponding gateway. This property does not apply to VLAN backed segments. VLAN backed segments with connectivity OFF does not affect its layer-2 connectivity. enum: - 'ON' - 'OFF' title: |- Connectivity configuration type: string title: |- Advanced configuration for Policy connectivity type: object x-vmw-nsx-module: PolicyConnectivity ConsolidatedEffectiveIPAddressMemberListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of site wise consolidated effective ip addresses for the given NSGroup items: $ref: '#/definitions/EffectiveIPInfo' title: |- Paged Collection of site wise consolidated effective ip addresses for the given NSGroup type: array required: - results type: object x-vmw-nsx-module: GroupingObjectsProviders x-vmw-nsx-module: GroupingObjectsProviders ConsolidatedRealizedStatus: allOf: - $ref: '#/definitions/AggregatePolicyRuntimeInfo' - properties: consolidated_status: $ref: '#/definitions/ConsolidatedStatus' consolidated_status_per_enforcement_point: description: |- List of Consolidated Realized Status per enforcement point. items: $ref: '#/definitions/ConsolidatedStatusPerEnforcementPoint' readOnly: true title: |- List of Consolidated Realized Status per Enforcement Point type: array intent_version: description: |- Represent highest intent version across all realized objects readOnly: true title: |- Intent version for the status type: string publish_status: description: |- Aggregated Realization state of this object enum: - UNAVAILABLE - UNREALIZED - REALIZED - ERROR title: |- Aggregated Realization state of this object type: string required: - publish_status type: object x-vmw-nsx-module: PolicyRealizedState description: | Consolidated Realized Status of an intent object across enforcement points. title: |- Consolidated Realized Status for an Intent Object x-vmw-nsx-module: PolicyRealizedState ConsolidatedStatus: description: | Consolidated Status of an intent object. Status Consolidation of an intent happens at multiple levels: - Per Enforcement Point: calculation of the consolidated status is performed using all realized entities that the intent objet maps to on a specific enforcement point. - Across Enforcement Points: calculation of the consolidated status is performend aggregating the consolidated status from each enforcement point. properties: consolidated_status: description: |- Consolidated Realized Status of an intent object. enum: - SUCCESS - IN_PROGRESS - ERROR - UNKNOWN - UNINITIALIZED readOnly: true type: string title: |- Consolidated Status type: object x-vmw-nsx-module: PolicyRealizedState ConsolidatedStatusNsxT: allOf: - $ref: '#/definitions/ConsolidatedStatusPerEnforcementPoint' - properties: enforced_status: $ref: '#/definitions/EnforcedStatusDetailsNsxT' type: object x-vmw-nsx-module: PolicyRealizationStatus description: | Detailed Realized Status of an intent object on an NSX-T type of enforcement point. title: |- NSX-T Consolidated Status x-vmw-nsx-module: PolicyRealizationStatus ConsolidatedStatusPerEnforcementPoint: allOf: - $ref: '#/definitions/BaseConsolidatedStatusPerEnforcementPoint' - type: object x-vmw-nsx-module: PolicyRealizedState description: | Consolidated Realized Status Per Enforcement Point. title: |- Consolidated Realized Status Per Enforcement Point x-vmw-nsx-module: PolicyRealizedState ConstantFieldValue: allOf: - $ref: '#/definitions/FieldSettingValue' - properties: constant: description: | Constant Value that the field must be set to. title: |- Constant Value type: object type: object x-vmw-nsx-module: PolicyReaction description: |- Constant Field Value. title: |- Constant Field Value x-vmw-nsx-module: PolicyReaction Constraint: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: constraint_expression: $ref: '#/definitions/ConstraintExpression' message: description: |- User friendly message to be shown to users upon violation. title: |- User friendly message to be shown to users upon violation. type: string target: $ref: '#/definitions/ConstraintTarget' required: - constraint_expression - target type: object x-vmw-nsx-module: PolicyConstraints description: | Constraint object to constraint any attribute on a resource based on specified expression. Example- Restrict the allowed services in Edge Communication Entry to list of services, if the destinationGroups contain vCenter. { "target":{ "target_resource_type":"CommunicationEntry", "attribute":"services", "path_prefix":"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries" } "constraint_expression":{ "related_attribute":{ "attribute":"destinationGroups" } "condition":{ "operator":"INCLUDES", "rhs_value":{"vCenter"} "value_constraint":{ "operator":"ALLOW", "values":{"/ref/services/HTTPS", "/ref/services/HTTOP", ...} } } } } title: |- Constraint definition. x-vmw-nsx-module: PolicyConstraints ConstraintExpression: allOf: - $ref: '#/definitions/ManagedResource' - discriminator: resource_type properties: resource_type: enum: - ValueConstraintExpression - RelatedAttributeConditionalExpression - EntityInstanceCountConstraintExpression - FieldSanityConstraintExpression type: string required: - resource_type type: object x-vmw-nsx-module: PolicyConstraints description: | All the types of the expression extend from this abstract class. This is present for extensibility. title: |- Base class for constraint expression x-vmw-nsx-module: PolicyConstraints ConstraintListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Constraint list results items: $ref: '#/definitions/Constraint' title: |- Constraint list results type: array required: - results type: object x-vmw-nsx-module: PolicyConstraints description: |- Paged Collection of Constraints title: |- Paged Collection of Constraints x-vmw-nsx-module: PolicyConstraints ConstraintTarget: description: | Resource attribute on which constraint should be applied. Example - sourceGroups attribute of Edge CommunicationEntry to be restricted, is given as: { "target_resource_type":"CommunicationEntry", "attribute":"sourceGroups", "path_prefix":"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries" } properties: attribute: description: |- Attribute name of the target entity. title: |- Attribute name of the target entity. type: string path_prefix: description: | Path prefix of the entity to apply constraint. This is required to further disambiguiate if multiple policy entities share the same resource type. Example - Edge FW and DFW use the same resource type CommunicationMap, CommunicationEntry, Group, etc. title: | Path prefix of the entity to apply constraint. This is required to further disambiguiate if multiple policy entities share the same resource type. Example - Edge FW and DFW use the same resource type CommunicationMap, CommunicationEntry, Group, etc. type: string target_resource_type: description: |- Resource type of the target entity. title: |- Resource type of the target entity. type: string required: - target_resource_type title: |- Resource attribute on which constraint should be applied. type: object x-vmw-nsx-module: PolicyConstraints ConstraintValue: description: | All the types of value extend from this abstract class. This is present for extensibility. discriminator: resource_type properties: resource_type: enum: - StringArrayConstraintValue - CidrArrayConstraintValue - IntegerArrayConstraintValue type: string required: - resource_type title: |- Base class for each value configuration type: object x-vmw-nsx-module: PolicyConstraints ContainerApplication: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: container_cluster_id: description: |- Identifier of the container cluster this container application belongs to. readOnly: true title: |- Identifier of the container cluster type: string container_project_id: description: |- Identifier of the project which this container application belongs to. readOnly: false title: |- Identifier of the project type: string external_id: description: | Identifier of the container application on container cluster e.g. PCF app id, k8s service id. readOnly: false title: |- External identifier of the container application type: string network_errors: description: |- List of network errors related to container application. items: $ref: '#/definitions/NetworkError' readOnly: false title: |- Network errors type: array network_status: description: |- Network status of container application. enum: - HEALTHY - UNHEALTHY readOnly: false title: |- Network status of container application type: string origin_properties: description: | Array of additional specific properties of container application in key-value format. items: $ref: '#/definitions/KeyValuePair' readOnly: false title: |- Origin properties type: array status: description: |- Status of the container application. enum: - UNKNOWN - HEALTHY - UP - DOWN - DEGRADED readOnly: false title: |- Status of the container application type: string required: - external_id type: object x-vmw-nsx-module: InventoryContainerObj description: |- Container application within a project. title: |- Container application within a project x-vmw-nsx-module: InventoryContainerObj ContainerApplicationInstance: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: cluster_node_id: description: |- Cluster node id where application instance is running. readOnly: false title: |- Cluster node id type: string container_application_ids: description: |- List of identifiers of the container application. items: type: string readOnly: false title: |- Identifiers of the container application type: array container_cluster_id: description: |- Identifier of the container cluster this application instance belongs to. readOnly: true title: |- Identifier of the container cluster type: string container_project_id: description: | Identifier of the container project which this container application instance belongs to. readOnly: false title: |- Identifier of the project type: string external_id: description: |- Identifier of the container application instance on container cluster. readOnly: false title: |- External identifier of the container application instance type: string network_errors: description: |- List of network errors related to container application instance. items: $ref: '#/definitions/NetworkError' readOnly: false title: |- Network errors type: array network_status: description: |- Network status of container application instance. enum: - HEALTHY - UNHEALTHY readOnly: false title: |- Network status of container application instance type: string origin_properties: description: | Array of additional specific properties of container application instance in key-value format. items: $ref: '#/definitions/KeyValuePair' readOnly: false title: |- Origin properties type: array status: description: |- Status of the container application instance. enum: - UNKNOWN - HEALTHY - UP - DOWN - DEGRADED readOnly: false title: |- Status of the container application instance type: string required: - external_id type: object x-vmw-nsx-module: InventoryContainerObj description: |- Container application instance within a project. title: |- Container Application Instance x-vmw-nsx-module: InventoryContainerObj ContainerCluster: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: cluster_type: description: | Type of the container cluster. In case of creating container cluster first time, it is expected to pass the valid cluster-type. In case of update, if there is no change in cluster-type, then this field can be omitted in the request. enum: - PAS - PKS - Kubernetes - Openshift - WCP - WCP_Guest - AKS - EKS - TKGm - TKGi - GKE - Gardener - Rancher - TAS - Other readOnly: false title: |- Type of the container cluster type: string cni_type: default: Other description: |- Specifies Container Network Interface type for container cluster. enum: - NCP - Antrea - Other readOnly: false title: |- CNI type for container cluster type: string external_id: description: |- External identifier of the container cluster. readOnly: false title: |- External identifier of the container cluster type: string infrastructure: $ref: '#/definitions/ContainerInfrastructureInfo' network_errors: description: |- List of network errors related to container cluster. items: $ref: '#/definitions/NetworkError' readOnly: false title: |- Network errors type: array network_status: description: |- Network status of container cluster. enum: - HEALTHY - UNHEALTHY readOnly: false title: |- Network status of container cluster type: string origin_properties: description: | Array of additional specific properties of container cluster in key-value format. items: $ref: '#/definitions/KeyValuePair' readOnly: false title: |- Origin properties type: array supervisor_project_id: description: |- Specifies supervisor container project identifier for cluster. readOnly: false title: |- Supervisor ContainerProject identifier for cluster type: string type: object x-vmw-nsx-module: InventoryContainerObj description: |- Details of container cluster. title: |- Container cluster x-vmw-nsx-module: InventoryContainerObj ContainerClusterNode: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: cni_agent_status: description: |- Specifies Container Network Interface agent status of container cluster node. enum: - HEALTHY - UNHEALTHY readOnly: false title: |- CNI agent status of container cluster node type: string container_cluster_id: description: |- External identifier of the container cluster. readOnly: false title: |- External identifier of the container cluster type: string external_id: description: | External identifier of the container cluster node in K8S/PAS. readOnly: false title: |- External identifier of the container cluster node type: string ip_addresses: description: |- List of IP addresses of container cluster node. items: description: |- IPv4 or IPv6 address format: ip type: string readOnly: false title: |- IP Addresses of Node type: array network_errors: description: |- List of network errors related to container cluster node. items: $ref: '#/definitions/NetworkError' readOnly: false title: |- Network errors type: array network_status: description: |- Network status of container cluster node. enum: - HEALTHY - UNHEALTHY readOnly: false title: |- Network status of container cluster node type: string origin_properties: description: | Array of additional specific properties of container cluster node in key-value format. items: $ref: '#/definitions/KeyValuePair' readOnly: false title: |- Origin properties type: array provider_id: description: | Specifies identifier of container cluster node given by infrastructure provider of container cluster. e.g. in case of vSpehere, it will be instance uuid of worker node virtual machine. readOnly: false title: |- Provider id of container node type: string required: - external_id type: object x-vmw-nsx-module: InventoryContainerObj description: |- Details of container cluster node i.e. container host. title: |- Container cluster node x-vmw-nsx-module: InventoryContainerObj ContainerClusterStatus: properties: cluster_id: description: |- Identifier of the container cluster. title: |- Identifier of the container cluster type: string detail: description: |- Detail information on status. title: |- Detail information on status type: string interval: description: |- Display the cluster check interval in seconds. format: int32 maximum: 600 minimum: 60 readOnly: true title: |- Container cluster status check interval type: integer status: description: |- Display the container cluster status. enum: - UNKNOWN - HEALTHY - DOWN - DEGRADED type: string type: object x-vmw-nsx-module: TnContainerStatus ContainerClusterStatusList: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Container cluster list. items: $ref: '#/definitions/ContainerClusterSummary' readOnly: true title: |- Container cluster list type: array type: object x-vmw-nsx-module: TnContainerStatus description: |- List of the Container cluster title: |- List of the Container cluster x-vmw-nsx-module: TnContainerStatus ContainerClusterSummary: allOf: - $ref: '#/definitions/ManagedResource' - properties: cluster_id: description: |- Identifier of the container cluster. readOnly: true title: |- Identifier of the container cluster type: string cluster_name: description: |- Display the container cluster name title: |- Container cluster name type: string detail: description: |- Detail information on status. readOnly: true title: |- Detail information on status type: string status: description: |- Display the container cluster status. enum: - UNKNOWN - HEALTHY - DOWN - DEGRADED type: string type: description: |- Container cluster type. enum: - PAS - PKS - Kubernetes - Openshift - WCP - Other type: string required: - cluster_name - status type: object x-vmw-nsx-module: TnContainerStatus x-vmw-nsx-module: TnContainerStatus ContainerConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - properties: header: $ref: '#/definitions/Header' labels: description: |- Labels for the container. items: $ref: '#/definitions/Label' minItems: 0 title: |- Labels type: array layout: $ref: '#/definitions/Layout' navigation: description: |- Hyperlink of the specified UI page that provides details. maxLength: 1024 title: |- Navigation to a specified UI page type: string widgets: description: |- If not specified, creates an empty container. items: $ref: '#/definitions/WidgetItem' minItems: 0 title: |- Widgets held by the container type: array type: object x-vmw-nsx-module: NsxDashboard description: |- Represents a container to group widgets that belong to a common category or have a common purpose. title: |- Container that holds widgets x-vmw-nsx-module: NsxDashboard ContainerInfrastructureInfo: description: | Details of infrastructure hosting the container cluster e.g. vSphere, AWS, VMC etc.. properties: infra_type: description: |- Type of the infrastructure. enum: - vSphere - AWS - Azure - Google - VMC - KVM - Baremetal readOnly: false title: |- Type of the infrastructure type: string required: - infra_type title: |- Details of container infrastructure type: object x-vmw-nsx-module: InventoryContainerObj ContainerIngressPolicy: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: container_application_ids: description: | List of identifiers of the container application , on which ingress policy is applied. e.g. IDs of all services on which the ingress is applied in kubernetes. items: type: string readOnly: false title: |- Identifiers of the container application type: array container_cluster_id: description: |- Identifier of the container cluster this ingress policy belongs to. readOnly: false title: |- Identifier of the container cluster type: string container_project_id: description: |- Identifier of the project which this container ingress belongs to. readOnly: false title: |- Identifier of the project type: string external_id: description: |- Identifier of the container ingress policy. readOnly: false title: |- External identifier of the container ingress policy type: string network_errors: description: |- List of network errors related to container ingress. items: $ref: '#/definitions/NetworkError' readOnly: false title: |- Network errors type: array network_status: description: |- Network status of container ingress. enum: - HEALTHY - UNHEALTHY readOnly: false title: |- Network status of container ingress type: string origin_properties: description: | Array of additional specific properties of container ingress in key-value format. items: $ref: '#/definitions/KeyValuePair' readOnly: false title: |- Origin properties type: array spec: description: |- Container ingress policy specification. readOnly: false title: |- Container ingress policy specification type: string required: - external_id type: object x-vmw-nsx-module: InventoryContainerObj description: |- Details of Container Ingress Policy. title: |- Container Ingress Policy x-vmw-nsx-module: InventoryContainerObj ContainerNetworkPolicy: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: container_cluster_id: description: |- Identifier of the container cluster this network policy belongs to. readOnly: false title: |- Identifier of the container cluster type: string container_project_id: description: |- Identifier of the project which this network policy belongs to. readOnly: false title: |- Identifier of the project type: string external_id: description: |- Identifier of the container network policy. readOnly: false title: |- External identifier of the container network policy type: string network_errors: description: |- List of network errors related to container network policy. items: $ref: '#/definitions/NetworkError' readOnly: false title: |- Network errors type: array network_status: description: |- Network status of container network policy. enum: - HEALTHY - UNHEALTHY readOnly: false title: |- Network status of container network policy type: string origin_properties: description: | Array of additional specific properties of container network policy in key-value format. items: $ref: '#/definitions/KeyValuePair' readOnly: false title: |- Origin properties type: array policy_type: description: |- Type e.g. Network Policy, ASG. enum: - NETWORK_POLICY - ASG - ACNP - ANP readOnly: false title: |- Type type: string spec: description: |- Container network policy specification. readOnly: false title: |- Container network policy specification type: string required: - external_id type: object x-vmw-nsx-module: InventoryContainerObj description: |- Network policy applied to container. title: |- Container Network Policy x-vmw-nsx-module: InventoryContainerObj ContainerProject: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: container_cluster_id: description: |- Identifier of the container cluster to which this project/namespace belongs. readOnly: false title: |- Identifier of the container cluster type: string external_id: description: |- External identifier of the container project. readOnly: false title: |- External identifier of the container project type: string network_errors: description: |- List of network errors related to container project. items: $ref: '#/definitions/NetworkError' readOnly: false title: |- Network errors type: array network_status: description: |- Network status of container project. enum: - HEALTHY - UNHEALTHY readOnly: false title: |- Network status of container project type: string origin_properties: description: | Array of additional specific properties of container project in key-value format. items: $ref: '#/definitions/KeyValuePair' readOnly: false title: |- Origin properties type: array required: - external_id type: object x-vmw-nsx-module: InventoryContainerObj description: |- Details of org/namespace within a container cluster. title: |- Container project within a container cluster x-vmw-nsx-module: InventoryContainerObj ContextProfileAttributesMetadata: description: |- Key value structure for holding metadata of context profile attributes properties: key: description: |- Key for metadata title: |- Key for metadata type: string value: description: |- Value for metadata key title: |- Value for metadata key type: string required: - value - key title: |- Key value structure for holding metadata of context profile attributes type: object x-vmw-nsx-module: PolicyContextProfile ControlConnStatus: properties: control_node_ip: description: |- IP address of the control Node. readOnly: true title: |- IP address of the control Node. type: string failure_status: description: |- Failure status of the control Node for e.g CONNECTION_REFUSED,INCOMPLETE_HOST_CERT. enum: - CONNECTION_REFUSED - INCOMPLETE_HOST_CERT - INCOMPLETE_CONTROLLER_CERT - CONTROLLER_REJECTED_HOST_CERT - HOST_REJECTED_CONTROLLER_CERT - KEEP_ALIVE_TIMEOUT - OTHER_SSL_ERROR - OTHER_ERROR readOnly: true title: |- Failure status of the control Node for e.g CONNECTION_REFUSED,INCOMPLETE_HOST_CERT. type: string status: description: |- Status of the control Node for e.g UP, DOWN. enum: - UP - DOWN readOnly: true title: |- Status of the control Node for e.g UP, DOWN. type: string type: object x-vmw-nsx-module: FabricNode CpuCoreConfigForEnhancedNetworkingStackSwitch: description: |- Non Uniform Memory Access (NUMA) nodes and Logical cpu cores (Lcores) per NUMA node configuration for Enhanced Networking Stack enabled HostSwitch. properties: num_lcores: description: |- Number of Logical cpu cores (Lcores) to be placed on a specified NUMA node format: int32 minimum: 1 readOnly: false title: |- Number of Logical cpu cores (Lcores) to be placed on a specified NUMA node type: integer numa_node_index: description: |- Unique index of the Non Uniform Memory Access (NUMA) node format: int32 minimum: 0 readOnly: false title: |- Unique index of the Non Uniform Memory Access (NUMA) node type: integer required: - num_lcores - numa_node_index title: |- Enhanced Networking Stack CPU configuration type: object x-vmw-nsx-module: TransportNode CpuUsage: description: |- CPU usage of DPDK and non-DPDK cores properties: avg_cpu_core_usage_dpdk: description: |- Indicates the average usage of all DPDK cores in percentage. readOnly: true title: |- Average utilization of all DPDK cores type: number avg_cpu_core_usage_non_dpdk: description: |- Indicates the average usage of all non-DPDK cores in percentage. readOnly: true title: |- Average usage of all non-DPDK cores type: number highest_cpu_core_usage_dpdk: description: |- Indicates the highest CPU utilization value among DPDK cores in percentage. readOnly: true title: |- Highest CPU utilization value among DPDK cores type: number highest_cpu_core_usage_non_dpdk: description: |- Indicates the highest cpu utilization value among non_dpdk cores in percentage. readOnly: true title: |- Highest CPU utilization value among non-DPDK cores type: number title: |- CPU usage of DPDK and non-DPDK cores type: object x-vmw-nsx-module: ApplianceStats Criterion: description: | Event Criterion is the logical evaluations by which the event may be deemed fulfilled. All the evaluations must be met in order for the criterion to be met (implicit AND). properties: evaluations: description: | Criterion Evaluations. items: $ref: '#/definitions/Evaluation' minItems: 1 title: |- Criterion Evaluations type: array required: - evaluations title: |- Event Criterion type: object x-vmw-nsx-module: PolicyReaction CrossSiteFlowInfo: description: | Represents details of the config flow between sites. Federation has the following flows - Global Manager to Local Manager (GM -> LM) - Local Manager to Glocal Manager (LM -> GM) - Global Manager Active to Glocal Manager Standby (GM -> GM) - Local Manager to Local Manager (LM -> LM) properties: from_site_id: description: |- Site id of the source title: |- Site id of the source type: string from_site_path: description: |- Source site policy path title: |- Source site policy path type: string full_sync_info: $ref: '#/definitions/FullSyncInfo' latency_measured_ts: description: |- Timestamp of latency measurement format: int64 title: |- Timestamp of latency measurement type: integer latency_millis: description: |- Latency from source to destination site in milli seconds format: int64 title: |- Latency from source to destination site in milli seconds type: integer status: description: |- Overall status of the flow enum: - GOOD - DISCONNECTED - RECOVERY - ERROR - UNKNOWN - NOT_READY title: |- Overall status of the flow type: string to_site_id: description: |- Site id of the destination title: |- Site id of the destination type: string to_site_path: description: |- Destination site policy path title: |- Destination site policy path type: string title: |- Information about config flow in federation type: object x-vmw-nsx-module: FederationObservability CsvListResult: description: |- Base type for CSV result. properties: file_name: description: |- File name set by HTTP server if API returns CSV result as a file. title: |- File name type: string type: object x-vmw-nsx-module: CsvTypes CsvRecord: description: |- Base type for CSV records. type: object x-vmw-nsx-module: CsvTypes CurrentBackupOperationStatus: description: |- Current backup operation status properties: backup_id: description: |- Unique identifier of current backup title: |- Unique identifier of current backup type: string current_step: description: |- Current step of operation enum: - BACKUP_CREATING_CLUSTER_BACKUP - BACKUP_CREATING_NODE_BACKUP title: |- Current step of operation type: string current_step_message: description: |- Additional human-readable status information about current step title: |- Additional human-readable status information about current step type: string end_time: description: |- Time when operation is expected to end format: int64 type: integer operation_type: description: | Type of operation that is in progress. Returns none if no operation is in progress, in which case none of the other fields will be set. enum: - NONE - BACKUP title: | Type of operation that is in progress. Returns none if no operation is in progress, in which case none of the other fields will be set. type: string start_time: description: |- Time when operation was started format: int64 type: integer title: |- Current backup operation status type: object x-vmw-nsx-module: BackupConfiguration CustomFilterWidgetConfiguration: allOf: - $ref: '#/definitions/FilterWidgetConfiguration' - properties: ui_component_identifier: description: |- User defined filter component selector to be rendered inside view/container. title: |- UI identifier for filter component to be rendered inside view/container type: string required: - ui_component_identifier type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration for custom filter widget. For this widget the data source is not applicable. It defines ui identifer for filter UI component and render it on dashboard view. This configuration can only be used for system owned widgets. title: |- Custom Filter widget Configuration x-vmw-nsx-module: NsxDashboard CustomWidgetConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - properties: ui_component_identifier: description: |- User defined component selector to be rendered inside view/container. title: |- UI identifier for component to be rendered inside view/container type: string type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration for custom widget. For this widget the data source is not applicable. It defines ui identifer to identify UI component and render it on dashboard view. This configuration can only be used for system owned widgets. title: |- Custom widget Configuration x-vmw-nsx-module: NsxDashboard CvxConnectionInfo: allOf: - $ref: '#/definitions/EnforcementPointConnectionInfo' - properties: password: description: |- Password. title: |- Password type: string thumbprint: description: | Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX. title: |- Thumbprint of Enforcement Point type: string username: description: |- Username. title: |- Username type: string type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Credential info to connect to a CVX type of enforcement point. title: |- CVX Connection Info x-vmw-nsx-module: PolicyEnforcementPointManagement DNSForwarderStatisticsPerEnforcementPoint: description: | DNS forwarder statistics per enforcement point. discriminator: resource_type properties: enforcement_point_path: description: | Policy path referencing the enforcement point from where the statistics are fetched. readOnly: true title: |- Enforcement point path type: string resource_type: enum: - NsxTDNSForwarderStatistics type: string required: - resource_type title: |- DNS forwarder statistics per enforcement point type: object x-vmw-nsx-module: PolicyDNSStatistics DNSForwarderStatusPerEnforcementPoint: description: | DNS forwarder status per enforcement point. discriminator: resource_type properties: enforcement_point_path: description: | Policy path referencing the enforcement point from where the status is fetched. readOnly: true title: |- Enforcement point path type: string resource_type: enum: - NsxTDNSForwarderStatus type: string required: - resource_type title: |- DNS forwarder status per enforcement point type: object x-vmw-nsx-module: PolicyDNSStatistics DVSConfig: description: |- The DVS Configuration properties: host_infra_traffic_res: description: | host_infra_traffic_res specifies bandwidth allocation for various traffic resources. items: $ref: '#/definitions/ResourceAllocation' readOnly: false title: |- Resource allocation associated with NiocProfile type: array lacp_group_configs: description: | It contains information about VMware specific multiple dynamic LACP groups. items: $ref: '#/definitions/LacpGroupConfigInfo' readOnly: false title: |- Array of Link Aggregation Control Protocol (LACP) configuration type: array lldp_send_enabled: default: false description: |- Enabled or disabled sending LLDP packets title: |- Enabled or disabled sending LLDP packets type: boolean mtu: description: |- Maximum Transmission Unit used for uplinks format: int32 minimum: 1600 title: |- Maximum Transmission Unit used for uplinks type: integer name: description: |- The DVS name readOnly: false title: |- The DVS name type: string uplink_port_names: description: |- Names of uplink ports for this DVS. items: type: string minItems: 1 readOnly: false title: |- Uplink port names type: array uuid: description: |- The DVS uuid readOnly: false title: |- The DVS uuid type: string required: - name - uplink_port_names title: |- The DVS Configuration type: object x-vmw-nsx-module: DistributedVirtualSwitch DataCounter: properties: dropped: description: |- The dropped packets or bytes format: int64 title: |- The dropped packets or bytes type: integer multicast_broadcast: description: |- The multicast and broadcast packets or bytes format: int64 title: |- The multicast and broadcast packets or bytes type: integer total: description: |- The total packets or bytes format: int64 title: |- The total packets or bytes type: integer required: - total type: object x-vmw-nsx-module: AggSvcL2Types Datasource: description: |- An instance of a datasource configuration. properties: display_name: description: |- Name of a datasource instance. maxLength: 255 title: |- Datasource instance's display name type: string keystore_info: $ref: '#/definitions/KeyStoreInfo' urls: description: |- Array of urls relative to the datasource configuration. For example, api/v1/fabric/nodes is a relative url of nsx-manager instance. items: $ref: '#/definitions/UrlAlias' title: |- Array of relative urls and their aliases type: array required: - display_name - urls title: |- Datasource Instance type: object x-vmw-nsx-module: NsxDashboard DefaultFilterValue: description: |- An instance of a datasource configuration. properties: alias: description: |- Filter alias. title: |- Filter alias type: string value: description: |- Filter default value. title: |- Filter default value type: string required: - alias - value title: |- Default filter values type: object x-vmw-nsx-module: NsxDashboard DependentServices: properties: dependent_services: description: |- List of firewall dependent services. items: type: string title: |- List of firewall dependent services type: array type: object x-vmw-nsx-module: PolicyFirewallConfiguration DeploymentChecksAction: description: |- Pre/Post deployment check. properties: action: description: | Run pre/post deployment checks. PRE_CHECKS - Run pre-check before deployment. POST_CHECKS - Run post-check after deployment. ABORT_CHECKS - Abort running pre/post deployement checks. enum: - PRE_CHECKS - POST_CHECKS - ABORT_CHECKS title: |- Pre/post deployment checks type: string required: - action title: |- Pre/Post deployment check type: object x-vmw-nsx-module: PolicyCloudNative DeploymentChecksStatus: description: |- Pre/Post deployment status. properties: description: description: | Show more information about pre/post check performed. title: |- More detail about check type: string name: description: |- Name of pre/post check. title: |- Name of pre/post check type: string reason: description: | Reason for failure of pre/post check. Otherwise empty. title: |- Reason in case of pre/post check failure type: string status: description: | Status pre/post check. SUCCESS - Successfully completed pre/post check. FAILED - Failed pre/post check. WARNING - Warning in pre/post check. SKIPPED - Pre/post check skipped. IN_PROGRESS - Pre/post check in progress. STOPPING - Stopping pre/post check. STOPPED - Pre/post check stopped. NOT_STARTED - Pre/post check not started enum: - SUCCESS - FAILED - WARNING - SKIPPED - IN_PROGRESS - STOPPING - STOPPED - NOT_STARTED title: |- Status of pre/post check type: string title: |- Pre/Post deployment status type: object x-vmw-nsx-module: PolicyCloudNative DeploymentChecksStatusResult: description: |- List of pre/post check. properties: results: description: |- Array of pre/post deployment checks. items: $ref: '#/definitions/DeploymentChecksStatus' title: |- Array of pre/post deployment checks type: array title: |- List of pre/post check type: object x-vmw-nsx-module: PolicyCloudNative DeploymentProgressStatus: description: |- Progress status of deployment. properties: error_message: description: | Errors during deployment. items: type: string title: |- Error message type: array overall_status: description: | Progress status of deployment. DEPLOYMENT_IN_PROGRESS - Deployment in progress. UNDEPLOYMENT_IN_PROGRESS - Undeployment in progress. UPGRADE_IN_PROGRESS - Upgrade in progress. UPDATE_IN_PROGRESS - Update in progress. DEPLOYMENT_QUEUED - Deployment queued. UNDEPLOYMENT_QUEUED - Undeployment queued. UPDATE_QUEUED - Update queued. DEPLOYMENT_SUCCESSFUL - Deployment successful. UNDEPLOYMENT_SUCCESSFUL - Undeployment successful. UPGRADE_SUCCESSFUL - Upgrade successful. UPDATE_SUCCESSFUL - Update successful. DEPLOYMENT_FAILED - Deployment failed. UNDEPLOYMENT_FAILED - Undeployment failed. UPGRADE_FAILED - Upgrade failed. UPDATE_FAILED - Update failed. NOT_DEPLOYED - Deployment pending. enum: - DEPLOYMENT_IN_PROGRESS - UNDEPLOYMENT_IN_PROGRESS - UPGRADE_IN_PROGRESS - UPDATE_IN_PROGRESS - DEPLOYMENT_QUEUED - UNDEPLOYMENT_QUEUED - UPDATE_QUEUED - DEPLOYMENT_SUCCESSFUL - UNDEPLOYMENT_SUCCESSFUL - UPGRADE_SUCCESSFUL - UPDATE_SUCCESSFUL - DEPLOYMENT_FAILED - UNDEPLOYMENT_FAILED - UPGRADE_FAILED - UPDATE_FAILED - NOT_DEPLOYED title: |- Progress status of deployment type: string percentage: description: | Percentage completed for deployment. format: int64 title: |- Percentage completed type: integer progress_message: description: | More information about progress. title: |- Progress message type: string required: - overall_status title: |- Progress status of deployment/undeployment/upgrade type: object x-vmw-nsx-module: PolicyCloudNative DeploymentRegistry: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: docker_registry: description: |- Docker url for containers. title: |- Docker url for containers type: string helm_repo: description: |- Repo url to access helm chart. title: |- Repo url to access helm chart type: string required: - docker_registry - helm_repo type: object x-vmw-nsx-module: PolicyCloudNative description: |- Template for storing docker registry and helm url. title: |- NSX Application Platform registry template x-vmw-nsx-module: PolicyCloudNative DeploymentTemplate: description: |- Deployment Template holds the attributes specific to partner for which the service is created. These attributes are opaque to NSX. properties: attributes: description: |- List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. items: $ref: '#/definitions/Attribute' maxItems: 128 readOnly: false title: |- Deployment Template attributes type: array name: description: |- Deployment Template name. readOnly: false title: |- name type: string title: |- Service Deployment Template type: object x-vmw-nsx-module: ServiceInsertionCommonTypes DeploymentVersionSpec: description: | Deployment version with chart name properties: chart_name: description: |- Deployment chart name. title: |- Deployment chart name type: string versions: description: |- List of deployment versions. title: |- Deployment versions type: string title: |- Deployment version type: object x-vmw-nsx-module: PolicyCloudNative DeploymentVersions: description: |- Different NSX Application Platform deployment versions. properties: versions: description: |- List of deployment versions. items: $ref: '#/definitions/DeploymentVersionSpec' title: |- Deployment versions type: array title: |- List of deployment versions type: object x-vmw-nsx-module: PolicyCloudNative DeploymentZone: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enforcement_points: description: |- Logical grouping of enforcement points items: $ref: '#/definitions/EnforcementPoint' title: |- Logical grouping of enforcement points type: array type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: | Logical grouping of enforcement points. This is a deprecated type. DeploymentZone has been renamed to Site. Use Site. title: |- Deployment zone x-vmw-nsx-module: PolicyEnforcementPointManagement DeploymentZoneListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Deployment Zones items: $ref: '#/definitions/DeploymentZone' title: |- Deployment Zones type: array required: - results type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: | Paged Collection of Deployment Zones. This is a deprecated type. DeploymentZone has been renamed to Site. Use SiteListResult. title: |- Paged Collection of Deployment Zones x-vmw-nsx-module: PolicyEnforcementPointManagement DfwFirewallConfiguration: allOf: - $ref: '#/definitions/FirewallConfiguration' - properties: idfw_enabled: default: false description: | If set to true, identity firewall is enabled. title: |- Identity firewall enable flag type: boolean idfw_event_log_scraper_enabled: default: false description: | Enables event log scraping for Identity firewall. title: |- Enable event log scraping type: boolean idfw_loginsight_enabled: default: false description: | If set to true, collection of login/logout events from Loginsight server is enabled. title: |- Enable Loginsight server for Identity Firewall type: boolean type: object x-vmw-nsx-module: Policy description: |- DFW Firewall related configurations title: |- DFW Firewall related configurations x-vmw-nsx-module: Policy DhcpDeleteLeaseRequestParameters: properties: ip: description: |- IPv4 or IPv6 address format: ip type: string mac: description: | A MAC address. Must be 6 pairs of hexadecimal digits, upper or lower case, separated by colons or dashes. Examples: 01:23:45:67:89:ab, 01-23-45-67-89-AB. format: mac-address type: string required: - ip - mac type: object x-vmw-nsx-module: Dhcp DhcpDeleteLeases: description: |- List of DHCP leases to be deleted properties: leases: description: |- List of DHCP leases items: $ref: '#/definitions/DhcpDeleteLeaseRequestParameters' maxItems: 100 minItems: 1 title: |- List of DHCP leases type: array required: - leases title: |- List of DHCP leases to be deleted type: object x-vmw-nsx-module: PolicyConnectivity DhcpHeader: properties: op_code: default: BOOTREQUEST description: |- This is used to specify the general type of message. A client sending request to a server uses an op code of BOOTREQUEST, while a server replying uses an op code of BOOTREPLY. enum: - BOOTREQUEST - BOOTREPLY title: |- Message op code / message type type: string type: object x-vmw-nsx-module: Traceflow DhcpIpPoolUsage: properties: allocated_number: description: |- allocated number. COULD BE INACCURATE, REFERENCE ONLY. format: int64 title: |- allocated number. COULD BE INACCURATE, REFERENCE ONLY. type: integer allocated_percentage: description: |- allocated percentage. COULD BE INACCURATE, REFERENCE ONLY. format: int64 title: |- allocated percentage. COULD BE INACCURATE, REFERENCE ONLY. type: integer dhcp_ip_pool_id: description: |- uuid of dhcp ip pool title: |- uuid of dhcp ip pool type: string pool_size: description: |- pool size format: int64 title: |- pool size type: integer required: - allocated_percentage - pool_size - allocated_number - dhcp_ip_pool_id type: object x-vmw-nsx-module: AggSvcDhcp DhcpLeasePerIP: properties: expire_time: description: |- expire time of the lease title: |- expire time of the lease type: string ip_address: description: |- ip address of client title: |- ip address of client type: string lease_time: description: |- lease time of the ip address, in seconds title: |- lease time of the ip address, in seconds type: string mac_address: description: |- mac address of client title: |- mac address of client type: string start_time: description: |- start time of lease title: |- start time of lease type: string subnet: description: |- subnet of client network title: |- subnet of client network type: string required: - start_time - ip_address - mac_address type: object x-vmw-nsx-module: AggSvcDhcp DhcpLeases: allOf: - $ref: '#/definitions/ListResult' - properties: dhcp_server_id: description: |- dhcp server uuid title: |- dhcp server uuid type: string leases: description: |- The lease info list of the server items: $ref: '#/definitions/DhcpLeasePerIP' maxItems: 65535 minItems: 0 title: |- The lease info list of the server type: array timestamp: description: |- timestamp of the lease info format: int64 type: integer type: object x-vmw-nsx-module: AggSvcDhcp x-vmw-nsx-module: AggSvcDhcp DhcpLeasesResult: allOf: - $ref: '#/definitions/DhcpLeases' - properties: connectivity_path: description: | Policy path to Segment, Tier0 or Tier1 gateway where DHCP server is attached. title: |- Policy path to Segment, Tier0 or Tier1 gateway type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics DhcpOption121: description: |- DHCP option 121 to define classless static route. properties: static_routes: description: |- Classless static route of DHCP option 121. items: $ref: '#/definitions/ClasslessStaticRoute' maxItems: 27 minItems: 1 title: |- DHCP classless static routes type: array required: - static_routes title: |- DHCP option 121 type: object x-vmw-nsx-module: Dhcp DhcpRelayConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: server_addresses: description: | DHCP server IP addresses for DHCP relay configuration. Both IPv4 and IPv6 addresses are supported. items: description: |- IPv4 or IPv6 address format: ip type: string maxItems: 8 title: |- DHCP relay addresses type: array required: - server_addresses type: object x-vmw-nsx-module: PolicyConnectivity description: | DHCP relay configuration. Please note, the realized-state of this entity returned by the "GET /policy/api/v1/infra/realized-state/realized-entity" with this entity policy-path is irrelevant with the application status of this entity. Please do not rely on this returned realized-state to determine how this dhcp-relay-config was applied. The dhcp realization information was reflected in the realization states of the referencing Segment or T0/T1 gateway. title: |- DHCP relay configuration x-vmw-nsx-module: PolicyConnectivity DhcpRelayConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- DhcpRelayConfig results items: $ref: '#/definitions/DhcpRelayConfig' title: |- DhcpRelayConfig results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of DhcpRelayConfigs title: |- Paged collection of DhcpRelayConfigs x-vmw-nsx-module: PolicyConnectivity DhcpServerConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: edge_cluster_path: description: | The reference to the edge cluster using the policy path of the edge cluster. Auto assigned if only one edge cluster is configured on enforcement-point. Modifying edge cluster will reallocate DHCP server to the new edge cluster. Please note that re-allocating edge-cluster will result in losing of all exisitng DHCP lease information. Change edge cluster only when losing DHCP leases is not a real problem, e.g. cross-site migration or failover and all client hosts will be reboot and get new IP addresses. title: |- Edge cluster path type: string lease_time: default: 86400 description: | IP address lease time in seconds. format: int64 maximum: 4294967295 minimum: 60 title: |- IP address lease time in seconds type: integer preferred_edge_paths: description: | Policy paths to edge nodes on which the DHCP servers run. The first edge node is assigned as active edge, and second one as stanby edge. If only one edge node is specified, the DHCP servers will run without HA support. When this property is not specified, edge nodes are auto-assigned during realization of the DHCP server. items: type: string maxItems: 2 title: |- Edge node path type: array server_address: description: | DHCP server address in CIDR format. Prefix length should be less than or equal to 30. DHCP server is deployed as DHCP relay service. This property is deprecated, use server_addresses instead. Both properties cannot be specified together with different new values. format: ip-cidr-block title: |- DHCP server address in CIDR format type: string x-deprecated: true server_addresses: description: | DHCP server address in CIDR format. Both IPv4 and IPv6 address families are supported. Prefix length should be less than or equal to 30 for IPv4 address family and less than or equal to 126 for IPv6. When not specified, IPv4 value is auto-assigned to 100.96.0.1/30. Ignored when this object is configured at a Segment. items: format: ip-cidr-block type: string maxItems: 2 title: |- DHCP server address in CIDR format type: array type: object x-vmw-nsx-module: PolicyConnectivity description: | DHCP server configuration. Please note, the realized-state of this entity returned by the "GET /policy/api/v1/infra/realized-state/realized-entity" with this entity policy-path is irrelevant with the application status of this entity. Please do not rely on this returned realized-state to determine how this dhcp-server-config was applied. The dhcp realization information was reflected in the realization states of the referencing Segment or T0/T1 gateway. title: |- DHCP server configuration x-vmw-nsx-module: PolicyConnectivity DhcpServerConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- DhcpServerConfig results items: $ref: '#/definitions/DhcpServerConfig' title: |- DhcpServerConfig results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of DhcpServerConfigs title: |- Paged collection of DhcpServerConfigs x-vmw-nsx-module: PolicyConnectivity DhcpServerState: allOf: - $ref: '#/definitions/ConfigurationState' - type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics DhcpServerStatistics: allOf: - $ref: '#/definitions/DhcpStatistics' - type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics DhcpServerStatus: properties: active_node: description: |- uuid of active transport node title: |- uuid of active transport node type: string error_message: description: |- Error message, if available title: |- Error message, if available type: string service_status: description: | UP means the dhcp service is working fine on both active transport-node and stand-by transport-node (if have), hence fail-over can work at this time if there is failure happens on one of the transport-node; DOWN means the dhcp service is down on both active transport-node and stand-by node (if have), hence the dhcp-service will not repsonse any dhcp request; Error means error happens on transport-node(s) or no status is reported from transport-node(s). The dhcp service may be working (or not working); NO_STANDBY means dhcp service is working in one of the transport node while not in the other transport-node (if have). Hence if the dhcp service in the working transport-node is down, fail-over will not happen and the dhcp service will go down. enum: - UP - DOWN - ERROR - NO_STANDBY type: string stand_by_node: description: |- uuid of stand_by transport node. null if non-HA mode title: |- uuid of stand_by transport node. null if non-HA mode type: string required: - service_status - active_node type: object x-vmw-nsx-module: AggSvcDhcp DhcpStaticBindingConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: resource_type: enum: - DhcpV4StaticBindingConfig - DhcpV6StaticBindingConfig type: string required: - resource_type type: object x-vmw-nsx-module: PolicyConnectivity description: | DHCP IPv4 and IPv6 static bindings are extended from this abstract class. title: |- Base class for DHCP options x-vmw-nsx-module: PolicyConnectivity DhcpStaticBindingConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paginated list of DhcpStaticBindingConfig items: $ref: '#/definitions/DhcpStaticBindingConfig' title: |- Paginated list of DhcpStaticBindingConfig type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity DhcpStaticBindingState: allOf: - $ref: '#/definitions/ConfigurationState' - type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics DhcpStatistics: properties: acks: description: |- The total number of DHCP ACK packets format: int64 title: |- The total number of DHCP ACK packets type: integer declines: description: |- The total number of DHCP DECLINE packets format: int64 title: |- The total number of DHCP DECLINE packets type: integer dhcp_server_id: description: |- dhcp server uuid title: |- dhcp server uuid type: string discovers: description: |- The total number of DHCP DISCOVER packets format: int64 title: |- The total number of DHCP DISCOVER packets type: integer errors: description: |- The total number of DHCP errors format: int64 title: |- The total number of DHCP errors type: integer informs: description: |- The total number of DHCP INFORM packets format: int64 title: |- The total number of DHCP INFORM packets type: integer ip_pool_stats: description: |- The DHCP ip pool usage statistics items: $ref: '#/definitions/DhcpIpPoolUsage' title: |- The DHCP ip pool usage statistics type: array nacks: description: |- The total number of DHCP NACK packets format: int64 title: |- The total number of DHCP NACK packets type: integer offers: description: |- The total number of DHCP OFFER packets format: int64 title: |- The total number of DHCP OFFER packets type: integer releases: description: |- The total number of DHCP RELEASE packets format: int64 title: |- The total number of DHCP RELEASE packets type: integer requests: description: |- The total number of DHCP REQUEST packets format: int64 title: |- The total number of DHCP REQUEST packets type: integer timestamp: description: |- timestamp of the statistics format: int64 type: integer required: - errors - releases - informs - timestamp - dhcp_server_id - nacks - offers - discovers - acks - declines - requests type: object x-vmw-nsx-module: AggSvcDhcp DhcpV4Options: description: |- DHCP options for IPv4 server. properties: option121: $ref: '#/definitions/DhcpOption121' others: description: | To define DHCP options other than option 121 in generic format. Please note, only the following options can be defined in generic format. Those other options will be accepted without validation but will not take effect. -------------------------- Code Name -------------------------- 2 Time Offset 6 Domain Name Server 13 Boot File Size 19 Forward On/Off 26 MTU Interface 28 Broadcast Address 35 ARP Timeout 40 NIS Domain 41 NIS Servers 42 NTP Servers 44 NETBIOS Name Srv 45 NETBIOS Dist Srv 46 NETBIOS Node Type 47 NETBIOS Scope 58 Renewal Time 59 Rebinding Time 64 NIS+-Domain-Name 65 NIS+-Server-Addr 66 TFTP Server-Name (used by PXE) 67 Bootfile-Name (used by PXE) 93 PXE: Client system architecture 94 PXE: Client NDI 97 PXE: UUID/UNDI 117 Name Service Search 119 Domain Search 150 TFTP server address (used by PXE) 175 Etherboot 209 PXE Configuration File 210 PXE Path Prefix 211 PXE Reboot Time items: $ref: '#/definitions/GenericDhcpOption' maxItems: 255 minItems: 0 title: |- Other DHCP options type: array title: |- DHCP options for IPv4 address family type: object x-vmw-nsx-module: PolicyConnectivity DhcpV4StaticBindingConfig: allOf: - $ref: '#/definitions/DhcpStaticBindingConfig' - properties: gateway_address: description: | When not specified, gateway address is auto-assigned from segment configuration. format: ipv4 type: string host_name: description: | Hostname to assign to the host. maxLength: 63 title: |- Host name type: string ip_address: description: | IP assigned to host. The IP address must belong to the subnet, if any, configured on Segment. format: ipv4 type: string lease_time: default: 86400 description: | DHCP lease time in seconds. format: int64 maximum: 4294967295 minimum: 60 title: |- Lease time type: integer mac_address: description: | MAC address of the host. format: mac-address type: string options: $ref: '#/definitions/DhcpV4Options' required: - ip_address - mac_address type: object x-vmw-nsx-module: PolicyConnectivity description: | DHCP IPv4 static bindings are configured for each segment. title: |- DHCP static binding x-vmw-nsx-module: PolicyConnectivity DhcpV6StaticBindingConfig: allOf: - $ref: '#/definitions/DhcpStaticBindingConfig' - properties: dns_nameservers: description: | When not specified, no DNS nameserver will be set to client host. items: type: string maxItems: 2 minItems: 0 title: |- DNS nameservers to be set to client host type: array domain_names: description: | When not specified, no domain name will be assigned to client host. items: type: string title: |- Domain names to be assigned to client host type: array ip_addresses: description: | When not specified, no ip address will be assigned to client host. items: description: |- IPv6 address format: ipv6 type: string maxItems: 1 minItems: 0 title: |- IP addresses to be assigned to client host type: array lease_time: default: 86400 description: |- Lease time, in seconds. format: int64 maximum: 4294967295 minimum: 60 title: |- Lease time type: integer mac_address: description: | The MAC address of the client host. Either client-duid or mac-address, but not both. format: mac-address type: string preferred_time: description: | Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used. format: int64 maximum: 4294967295 minimum: 48 title: |- Preferred time type: integer sntp_servers: description: |- SNTP server IP addresses. items: description: |- IPv6 address format: ipv6 type: string maxItems: 2 minItems: 0 title: |- SNTP server ips type: array required: - mac_address type: object x-vmw-nsx-module: PolicyConnectivity description: | DHCP IPv6 static bindings are configured for each segment. title: |- DHCP static binding x-vmw-nsx-module: PolicyConnectivity Dhcpv6Header: properties: msg_type: default: SOLICIT description: |- This is used to specify the DHCP v6 message. To request the assignment of one or more IPv6 addresses, a client first locates a DHCP server and then requests the assignment of addresses and other configuration information from the server. The client sends a Solicit message to the All_DHCP_Relay_Agents_and_Servers address to find available DHCP servers. Any server that can meet the client's requirements responds with an Advertise message. The client then chooses one of the servers and sends a Request message to the server asking for confirmed assignment of addresses and other configuration information. The server responds with a Reply message that contains the confirmed addresses and configuration. SOLICIT - A client sends a Solicit message to locate servers. ADVERTISE - A server sends and Advertise message to indicate that it is available. REQUEST - A client sends a Request message to request configuration parameters. REPLY - A server sends a Reply message containing assigned addresses and configuration parameters. enum: - SOLICIT - ADVERTISE - REQUEST - REPLY title: |- DHCP message type type: string type: object x-vmw-nsx-module: Traceflow DirectoryAdDomain: allOf: - $ref: '#/definitions/DirectoryDomain' - properties: base_distinguished_name: description: |- Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head. title: |- Directory domain base distinguished name type: string netbios_name: description: |- NetBIOS names can contain all alphanumeric characters except for the certain disallowed characters. Names can contain a period, but names cannot start with a period. NetBIOS is similar to DNS in that it can serve as a directory service, but more limited as it has no provisions for a name hierarchy and names are limited to 15 characters. The netbios name is case insensitive and is stored in upper case regardless of input case. title: |- Directory domain NETBIOS name type: string selective_sync_settings: $ref: '#/definitions/SelectiveSyncSettings' sync_settings: $ref: '#/definitions/DirectoryDomainSyncSettings' required: - base_distinguished_name - netbios_name type: object x-vmw-nsx-module: DirectoryService description: |- Active Directory Domain title: |- Active Directory Domain x-vmw-nsx-module: DirectoryService DirectoryAdGroup: allOf: - $ref: '#/definitions/DirectoryGroup' - properties: object_guid: description: |- GUID is a 128-bit value that is unique not only in the enterprise but also across the world. GUIDs are assigned to every object created by Active Directory, not just User and Group objects. title: |- Active directory group object guid type: string secure_id: description: |- A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components - The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID. title: |- Active directory group secure id type: string required: - object_guid - secure_id type: object x-vmw-nsx-module: DirectoryService x-vmw-nsx-module: DirectoryService DirectoryDomain: allOf: - $ref: '#/definitions/ManagedResource' - discriminator: resource_type properties: event_log_servers: description: |- Directory domain Event Log server's information including host, name, protocol and so on. items: $ref: '#/definitions/DirectoryEventLogServer' maxItems: 50 readOnly: true title: |- Event Log server of directory domain type: array ldap_servers: description: |- Directory domain LDAP servers' information including host, name, port, protocol and so on. items: $ref: '#/definitions/DirectoryLdapServer' maxItems: 50 title: |- LDAP server of directory domain type: array name: description: |- Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains. title: |- Directory domain name type: string resource_type: description: |- Domain resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdDomain is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type. enum: - DirectoryAdDomain title: |- Directory domain resource type type: string required: - ldap_servers - name - resource_type type: object x-vmw-nsx-module: DirectoryService description: |- Directory Domain title: |- Directory Domain x-vmw-nsx-module: DirectoryService DirectoryDomainListResults: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of Directory Domains items: $ref: '#/definitions/DirectoryDomain' maxItems: 500 title: |- List of Directory Domains type: array required: - results type: object x-vmw-nsx-module: DirectoryService description: |- List of Directory Domain title: |- List of Directory Domain x-vmw-nsx-module: DirectoryService DirectoryDomainSize: description: |- Size of Directory Domain properties: group_count: description: |- Number of groups format: int32 readOnly: true title: |- Number of groups type: integer group_member_count: description: |- Number of group members format: int32 readOnly: true title: |- Number of group members type: integer user_count: description: |- Number of users format: int32 readOnly: true title: |- Number of users type: integer title: |- Size of Directory Domain type: object x-vmw-nsx-module: DirectoryService DirectoryDomainSyncSettings: description: |- Domain synchronization settings properties: delta_sync_interval: default: 180 description: |- Directory domain delta synchronization interval time between two delta sync in minutes. format: int64 maximum: 720 minimum: 5 title: |- Delta synchronization inverval in minutes type: integer full_sync_cron_expr: description: |- Directory domain full synchronization schedule using cron expression. For example, cron expression "0 0 12 ? * SUN *" means full sync is scheduled every Sunday midnight. If this object is null, it means there is no background cron job running for full sync. title: |- Full synchronization cron expression type: string sync_delay_in_sec: default: 30 description: | Sync delay after Directory domain has been successfully created. if delay is -1, initial full sync will not be triggered. format: int32 maximum: 600 minimum: -1 title: |- Sync delay (in second). type: integer title: |- Domain synchronization settings type: object x-vmw-nsx-module: DirectoryService DirectoryDomainSyncStats: description: |- Directory domain synchronization statistics properties: avg_delta_sync_time: description: |- All the historical delta sync are counted in calculating the average delta sync time in milliseconds. format: int64 readOnly: true title: |- Average time spent for all historical delta sync type: integer avg_full_sync_time: description: |- All the historical full sync are counted in calculating the average full sync time in milliseconds. format: int64 readOnly: true title: |- Average time spent for all historical full sync type: integer current_state: description: |- Current running state of the directory domain in synchronization life cycle. It could be one of the following five states. SELECTIVE_FULL_SYNC and SELECTIVE_DELTA_SYNC are sync states for selective sync. enum: - IDLE - FULL_SYNC - DELTA_SYNC - SELECTIVE_FULL_SYNC - SELECTIVE_DELTA_SYNC readOnly: true title: |- Current state of directory domain sync context type: string current_state_begin_time: description: |- Since what time the current state has begun. The time is expressed in millisecond epoch time. format: int64 readOnly: true type: integer num_delta_sync: description: |- number of successful historical delta sync initiated either by system or by API request. format: int64 readOnly: true title: |- Total number of successful delta sync type: integer num_full_sync: description: |- number of successful historical full sync initiated either by system or by API request. format: int64 readOnly: true title: |- Total number of successful full sync type: integer prev_sync_end_time: description: |- Directory domain previous sync ending time expressed in millisecond epoch time. format: int64 readOnly: true type: integer prev_sync_error: description: |- Directory domain previous sync status error if last status was failure. readOnly: true title: |- Previous sync error type: string prev_sync_status: description: |- Directory domain previous sync status. It could be one of the following two states. enum: - SUCCESS - FAILURE - UNKNOWN readOnly: true title: |- Previous sync status type: string prev_sync_type: description: |- Directory domain previous sync type. It could be one of the following five states. Right after the directory domain is configured, this field is set to IDLE. enum: - IDLE - FULL_SYNC - DELTA_SYNC - SELECTIVE_FULL_SYNC - SELECTIVE_DELTA_SYNC readOnly: true title: |- Previous sync type type: string title: |- Directory domain synchronization statistics type: object x-vmw-nsx-module: DirectoryService DirectoryEventLogServer: allOf: - $ref: '#/definitions/ManagedResource' - properties: domain_name: description: |- Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains. title: |- Directory domain name type: string host: description: |- Directory Event Log server DNS host name or ip address which is reachable by NSX manager to be connected and do event fetching. format: hostname-or-ip title: |- Event log server host name type: string password: description: |- Directory event log server connection password. title: |- Event log server password type: string status: $ref: '#/definitions/DirectoryEventLogServerStatus' username: description: |- Directory event log server connection user name. title: |- Event log server username type: string required: - host type: object x-vmw-nsx-module: DirectoryService description: |- Event log server of directory domain title: |- Event log server of directory domain x-vmw-nsx-module: DirectoryService DirectoryEventLogServerStatus: description: |- Event log server connection status properties: error_message: description: |- Additional optional detail error message readOnly: true title: |- Additional optional detail error message type: string last_event_record_id: description: |- Last event record ID is an opaque integer value that shows the last successfully received event from event log server. format: int64 readOnly: true title: |- Last event record ID type: integer last_event_time_created: description: |- Time of last successfully received and record event from event log server. format: int64 readOnly: true type: integer last_polling_time: description: |- Last polling time format: int64 readOnly: true type: integer status: description: | Connection status: OK: All OK ERROR: Generic error enum: - OK - ERROR readOnly: true title: |- Current connection status of event log server type: string title: |- Event log server connection status type: object x-vmw-nsx-module: DirectoryService DirectoryGroup: allOf: - $ref: '#/definitions/ManagedResource' - discriminator: resource_type properties: distinguished_name: description: |- Directory group distinguished name title: |- Directory group distinguished name type: string domain_id: description: |- Domain ID this directory group belongs to. title: |- Domain id type: string domain_name: description: |- Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head. title: |- Directory domain distinguished name type: string domain_sync_node_id: description: |- Domain sync node under which this directory group is located. We currently sync only from Root node and hence this attribute doesn't have a specific value set. title: |- Domain synchronization root node id type: string resource_type: description: |- Directory group resource type comes from multiple sub-classes extending this base class. For example, DirectoryAdGroup is one accepted resource_type. If there are more sub-classes defined, they will also be accepted resource_type. title: |- Directory group resource type for this domain type: string required: - distinguished_name - domain_id - resource_type - domain_name type: object x-vmw-nsx-module: DirectoryService x-vmw-nsx-module: DirectoryService DirectoryGroupListResults: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Directory group list items: $ref: '#/definitions/DirectoryGroup' title: |- Directory group list type: array required: - results type: object x-vmw-nsx-module: DirectoryService x-vmw-nsx-module: DirectoryService DirectoryGroupMember: allOf: - $ref: '#/definitions/ManagedResource' - properties: group_distinguished_name: description: |- Directory group distinguished name this group member belongs to. title: |- Group distinguished name type: string group_id: description: |- Directory group id this group member belongs to title: |- Group idnetifier type: string member_group_distinguished_name: description: |- Directory group name this group member owns title: |- Member group distinguished name type: string member_group_id: description: |- Directory group id this group member owns title: |- Member group idnetifier type: string nested: description: |- Whether this member group is a directory member of the parent group speicified by group_id or a nested member group which parent group is also member group of the parent group speicified by group_id. title: |- Nesting flag type: boolean required: - group_id - member_group_distinguished_name - member_group_id - group_distinguished_name - nested type: object x-vmw-nsx-module: DirectoryService x-vmw-nsx-module: DirectoryService DirectoryGroupMemberListResults: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Directory group member list items: $ref: '#/definitions/DirectoryGroupMember' title: |- Directory group member list type: array required: - results type: object x-vmw-nsx-module: DirectoryService x-vmw-nsx-module: DirectoryService DirectoryLdapServer: allOf: - $ref: '#/definitions/ManagedResource' - properties: domain_name: description: |- Directory domain name which best describes the domain. It could be unique fqdn name or it could also be descriptive. There is no unique contraint for domain name among different domains. title: |- Directory domain name type: string host: description: |- Directory LDAP server DNS host name or ip address which is reachable by NSX manager to be connected and do object synchronization. format: hostname-or-ip title: |- LDAP server host name type: string password: description: |- Directory LDAP server connection password. title: |- LDAP server password type: string port: default: 389 description: |- Directory LDAP server connection TCP/UDP port. format: int64 title: |- LDAP server TCP/UDP port type: integer protocol: default: LDAP description: |- Directory LDAP server connection protocol which is either LDAP or LDAPS. enum: - LDAP - LDAPS title: |- LDAP server protocol type: string thumbprint: description: |- Directory LDAP server certificate thumbprint used in secure LDAPS connection. title: |- LDAP server certificate thumbprint using SHA-256 algorithm type: string username: description: |- Directory LDAP server connection user name. title: |- LDAP server username type: string required: - host type: object x-vmw-nsx-module: DirectoryService description: |- LDAP server of directory domain title: |- LDAP server of directory domain x-vmw-nsx-module: DirectoryService DirectoryLdapServerListResults: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of directory domain LDAP servers items: $ref: '#/definitions/DirectoryLdapServer' maxItems: 50 title: |- List of directory domain LDAP servers type: array required: - results type: object x-vmw-nsx-module: DirectoryService description: |- List of directory domain LDAP servers title: |- List of directory domain LDAP servers x-vmw-nsx-module: DirectoryService DirectoryLdapServerStatus: description: |- Status LDAP server of directory domain properties: error_id: description: |- Error ID of the directory LDAP server status maintained by the NSX directory service. format: int64 title: |- Error ID of the directory LDAP server status type: integer error_message: description: |- Error message of the directory LDAP server status maintained by the NSX directory service. title: |- Error message of the directory LDAP server status type: string title: |- Status LDAP server of directory domain type: object x-vmw-nsx-module: DirectoryService DirectoryOrgUnit: description: |- Organization Unit properties: children: description: | List of children Organization Units if any. items: $ref: '#/definitions/DirectoryOrgUnit' maxItems: 500 title: |- List of children Organization Units type: array distinguished_name: description: |- Distinguished name of the organization unit. title: |- Distinguished name type: string name: description: |- Organization Unit name. title: |- Organization Unit name type: string required: - distinguished_name - name - children title: |- Organization Unit type: object x-vmw-nsx-module: DirectoryService DirectoryOrgUnitListResults: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of Organization Units items: $ref: '#/definitions/DirectoryOrgUnit' maxItems: 500 title: |- List of Organization Units type: array required: - results type: object x-vmw-nsx-module: DirectoryService description: |- List of organization units title: |- List of organization units x-vmw-nsx-module: DirectoryService DiscoveredNode: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: certificate: description: |- Certificate of the discovered node title: |- Certificate of the discovered node type: string cm_local_id: description: |- Local Id of the discovered node in the Compute Manager readOnly: true title: |- Local Id of the discovered node in the Compute Manager type: string external_id: description: |- External id of the discovered node, ex. a mo-ref from VC readOnly: true title: |- External id of the discovered node, ex. a mo-ref from VC type: string hardware_id: description: |- Hardware Id is generated using system hardware info. It is used to retrieve fabric node of the esx. readOnly: true title: |- Hardware Id of the discovered node type: string ip_addresses: description: |- IP Addresses of the the discovered node. items: description: |- IPv4 or IPv6 address format: ip type: string readOnly: true title: |- IP Addresses of the the discovered node. type: array node_type: description: |- Discovered Node type like Host readOnly: true title: |- Discovered Node type like Host type: string origin_id: description: |- Id of the compute manager from where this node was discovered readOnly: true title: |- Id of the compute manager from where this node was discovered type: string origin_properties: description: | Key-Value map of additional specific properties of discovered node in the Compute Manager items: $ref: '#/definitions/KeyValuePair' readOnly: true title: | Key-Value map of additional specific properties of discovered node in the Compute Manager type: array os_type: description: |- OS type of the discovered node readOnly: true title: |- OS type of the discovered node type: string os_version: description: |- OS version of the discovered node readOnly: true title: |- OS version of the discovered node type: string parent_compute_collection: description: |- External id of the compute collection to which this node belongs readOnly: true title: |- External id of the compute collection to which this node belongs type: string stateless: description: |- The stateless property describes whether host persists its state across reboot or not. If state persists, value is set as false otherwise true. readOnly: true title: |- Specifies whether host is stateless type: boolean type: object x-vmw-nsx-module: InventoryCmObj x-vmw-nsx-module: InventoryCmObj DiscoveredResource: allOf: - $ref: '#/definitions/Resource' - discriminator: resource_type properties: _last_sync_time: description: |- Timestamp of last modification format: int64 readOnly: true type: integer description: description: |- Description of this resource maxLength: 1024 title: |- Description of this resource type: string display_name: description: |- Defaults to ID if not set maxLength: 255 title: |- Identifier to use when displaying entity in logs or GUI type: string resource_type: description: |- The type of this resource. readOnly: false type: string scope: description: | Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC. items: $ref: '#/definitions/DiscoveredResourceScope' readOnly: false title: |- List of scopes for discovered resource type: array tags: description: |- Opaque identifiers meaningful to the API user items: $ref: '#/definitions/Tag' maxItems: 30 title: |- Opaque identifiers meaningful to the API user type: array required: - resource_type type: object x-vmw-nsx-module: Common description: |- Base class for resources that are discovered and automatically updated title: |- Base class for resources that are discovered and automatically updated x-vmw-nsx-module: Common DiscoveredResourceScope: description: |- Scope of discovered resource properties: scope_id: description: | Specifies the scope id of discovered resource. title: |- Scope Id of scope for discovered resource type: string scope_type: description: |- Type of the scope for the discovered resource. enum: - CONTAINER_CLUSTER title: |- Type of scope type: string title: |- Scope of discovered resource type: object x-vmw-nsx-module: Common DiscoveredVifState: description: |- State of VIFs connected to discovered segment on the TransportNode. properties: error_msg: description: |- Error encountered during segment port creation for the discovered VIF. title: |- Error message type: string id: description: |- Id of discovered VIF. title: |- VIF Id type: string segment_path: description: |- Segment path related with discovered VIF. title: |- Path of the discovered segment type: string segment_port_path: description: |- SegmentPort path related with discovered VIF. title: |- Path of the segment port type: string state: description: |- The state of specific discovered VIF. enum: - PENDING - ATTACHMENT_IN_PROGRESS - ATTACHMENT_SUCCESS - ATTACHMENT_FAILED title: |- Discovered VIF State type: string required: - id - segment_port_path - segment_path title: |- Discovered Vif State type: object x-vmw-nsx-module: PolicyHostTransportNode DiscoveredVifStateListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Discovered Segment Results items: $ref: '#/definitions/DiscoveredVifState' readOnly: true title: |- Discovered Segment Results type: array type: object x-vmw-nsx-module: PolicyHostTransportNode description: |- Array of result of discovered VIF state result. title: |- Segment queries result x-vmw-nsx-module: PolicyHostTransportNode DiscoveryProfileBindingMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - type: object x-vmw-nsx-module: PolicyDiscoveryProfileBinding description: |- Base Discovery Profile Binding Map title: |- Base Discovery Profile Binding Map x-vmw-nsx-module: PolicyDiscoveryProfileBinding DistributedFloodProtectionProfile: allOf: - $ref: '#/definitions/FloodProtectionProfile' - properties: enable_rst_spoofing: default: false description: |- If set to true, rst spoofing will be enabled. Flag is used only for distributed firewall profiles. readOnly: false title: |- Flag to indicate rst spoofing is enabled type: boolean enable_syncache: default: false description: |- If set to true, sync cache will be enabled. Flag is used only for distributed firewall profiles. readOnly: false title: |- Flag to indicate syncache is enabled type: boolean type: object x-vmw-nsx-module: PolicyProfile x-vmw-nsx-module: PolicyProfile DistributedVirtualPortgroup: allOf: - $ref: '#/definitions/VirtualPortgroup' - properties: backing_type: description: | For distributed virtual portgroup, backing type is standard. For logical switch portgroup, the backing type is set to nsx. readOnly: false title: |- Backing type for portgroup type: string key: description: |- Generated UUID of the portgroup readOnly: false title: |- Generated UUID of the portgroup type: string overall_status: description: | This parameters reflects the managed entity status of the portgroup as reported by VC. enum: - RED - YELLOW - GREEN - GRAY readOnly: true title: |- General status of the virtual portgroup type: string type: object x-vmw-nsx-module: InventoryCmObj description: |- Distributed virtual portgroup on a VC title: |- Distributed virtual portgroup on a VC x-vmw-nsx-module: InventoryCmObj DistributedVirtualSwitch: allOf: - $ref: '#/definitions/VirtualSwitch' - properties: discovered_nodes: description: |- Array of discovered nodes connected to this switch. items: $ref: '#/definitions/DiscoveredNode' readOnly: true title: |- Array of discovered nodes connected type: array lacp_group_configs: description: | It contains information about VMware specific multiple dynamic LACP groups. items: $ref: '#/definitions/LacpGroupConfigInfo' readOnly: false title: |- Array of Link Aggregation Control Protocol (LACP) configuration type: array origin_properties: description: |- Key-Value map of additional properties of switch items: $ref: '#/definitions/KeyValuePair' readOnly: true title: |- Key-Value map of additional properties of switch type: array uplink_port_names: description: |- The uniform name of uplink ports on each host. items: type: string readOnly: true title: |- Uplink port names type: array uplink_portgroup: $ref: '#/definitions/DistributedVirtualPortgroup' uuid: description: |- UUID of the switch readOnly: true title: |- UUID of the switch type: string type: object x-vmw-nsx-module: InventoryCmObj description: |- DistributedVirtualSwitch on a VC title: |- DistributedVirtualSwitch on a VC x-vmw-nsx-module: InventoryCmObj DnsHeader: properties: address: description: |- This is used to define what is being asked or responded. format: hostname-or-ip title: |- Domain name/IP to query/response type: string address_type: default: V4 description: |- This is used to specify the type of the address. V4 - The address provided is an IPv4 domain name/IP address, the Type in query or response will be A V6 - The address provided is an IPv6 domain name/IP address, the Type in query or response will be AAAA enum: - V4 - V6 type: string message_type: default: QUERY description: |- Specifies the message type whether it is a query or a response. enum: - QUERY - RESPONSE title: |- Specifies the message type whether it is a query or a response. type: string type: object x-vmw-nsx-module: Traceflow DnsSecurityProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ttl: default: 86400 description: | Time to live for DNS cache entry in seconds. Valid TTL values are between 3600 to 864000. However, this field accepts values between 0 through 864000. We define TTL type based on the value of TTL as follows: TTL 0 - cached entry never expires. TTL 1 to 3599 - invalid input and error is thrown TTL 3600 to 864000 - ttl is set to user input TTL field not set by user - TTL type is 'AUTO' and ttl value is set from DNS response packet. User defined TTL value is used only when it is betweeen 3600 to 864000. format: int64 maximum: 864000 minimum: 0 title: |- Time to live for DNS cache entry type: integer type: object x-vmw-nsx-module: PolicyProfile description: |- Used to configure DNS security profile title: |- DNS security profile x-vmw-nsx-module: PolicyProfile DnsSecurityProfileBindingMap: allOf: - $ref: '#/definitions/ProfileBindingMap' - properties: sequence_number: description: | Sequence number used to resolve conflicts betweeen two profiles applied on the same group. Lower sequence number takes higher precedence. Two binding maps applied to the same profile must have the same sequence number. User defined sequence numbers range from 1 through 100,000. System defined sequence numbers range from 100,001 through 200,000. format: int64 maximum: 100000 minimum: 1 title: |- Sequence number DNS Security Profile Binding Map type: integer type: object x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding description: | This entity will be used to establish association between DNS security profile and Group. With this entity, user can specify intent for applying DNS security profile profile to particular Group. title: |- Binding Map for DNS Security Profile x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding DnsSecurityProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- DNS Security Profile Binding Map List Results items: $ref: '#/definitions/DnsSecurityProfileBindingMap' title: |- DNS Security Profile Binding Map List Results type: array type: object x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding description: |- Paged collection of DNS Security Profile Binding Map title: |- Paged collection of DNS Security Profile Binding Map x-vmw-nsx-module: PolicyFirewallDnsSecurityProfileBinding DnsSecurityProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- DnsSecurityProfile list results items: $ref: '#/definitions/DnsSecurityProfile' title: |- DnsSecurityProfile list results type: array required: - results type: object x-vmw-nsx-module: PolicyProfile description: |- Paged Collection of DnsSecurityProfile title: |- Paged Collection of DnsSecurityProfile x-vmw-nsx-module: PolicyProfile Domain: allOf: - $ref: '#/definitions/PolicyConfigResource' - type: object x-vmw-nsx-module: Policy description: |- Domain. title: |- Domain x-vmw-nsx-module: Policy DomainDeploymentMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enforcement_point_path: description: |- Path of enforcement point on which domain shall be enforced. title: |- Absolute path of enforcement point type: string required: - enforcement_point_path type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Binding of domain to the enforcement point. title: |- Domain Deployment Map x-vmw-nsx-module: PolicyEnforcementPointManagement DomainDeploymentMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Domain Deployment Map list result. items: $ref: '#/definitions/DomainDeploymentMap' title: |- Domain Deployment Map List Result type: array required: - results type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Paged collection of Domain Deployment Map. title: |- Paged Collection of Domain Deployment Map x-vmw-nsx-module: PolicyEnforcementPointManagement DomainListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Domain list results items: $ref: '#/definitions/Domain' title: |- Domain list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- Paged Collection of Domains title: |- Paged Collection of Domains x-vmw-nsx-module: Policy DonutConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - properties: count: description: |- Expression to retrieve count to be shown on Donut. title: |- Expression to retrieve count to be shown on Donut type: string display_count: default: true description: |- If true, displays the count of entities in the donut title: |- Show or hide the count of entities type: boolean label: $ref: '#/definitions/Label' navigation: description: |- Hyperlink of the specified UI page that provides details. maxLength: 1024 title: |- Navigation to a specified UI page type: string sections: description: |- Sections items: $ref: '#/definitions/DonutSection' minItems: 1 title: |- Sections type: array required: - sections type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration of a Donut title: |- Donut Configuration x-vmw-nsx-module: NsxDashboard DonutPart: description: |- Represents an entity or portion to be plotted on a donut or stats chart. properties: condition: description: |- If the condition is met then the part will be displayed. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API. title: |- Expression for evaluating condition type: string drilldown_id: description: |- Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. title: |- Id of drilldown widget type: string field: description: |- A numerical value that represents the portion or entity of the donut or stats chart. maxLength: 1024 title: |- Value of the portion or entity of donut or stats chart type: string hide_empty_legend: default: false description: |- If true, legend will be shown only if the data for the part is available. This is applicable only if legends are specified in widget configuration. title: |- Hide the legend if the data for the part is not available type: boolean label: $ref: '#/definitions/Label' navigation: description: |- Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used. title: |- Navigation to a specified UI page type: string render_configuration: description: |- Additional rendering or conditional evaluation of the field values to be performed, if any. items: $ref: '#/definitions/RenderConfiguration' minItems: 0 title: |- Render Configuration type: array tooltip: description: |- Multi-line text to be shown on tooltip while hovering over the portion. items: $ref: '#/definitions/Tooltip' minItems: 0 title: |- Multi-line tooltip type: array required: - field title: |- Portion of a donut or stats chart type: object x-vmw-nsx-module: NsxDashboard DonutSection: description: |- Represents high level logical grouping of portions or segments of a donut / stats chart. properties: parts: description: |- Array of portions or parts of the donut or stats chart. items: $ref: '#/definitions/DonutPart' minItems: 1 title: |- Parts of a donut / stats chart type: array row_list_field: description: |- Field of the root of the api result set for forming parts. maxLength: 1024 title: |- Field from which parts of the donut or stats chart are formed type: string template: default: false description: |- If true, the section will be appled as template for forming parts. Only one part will be formed from each element of 'row_list_field'. title: |- Template, if any, for automatically forming the donut or stats parts type: boolean required: - parts title: |- Section of a donut or stats chart type: object x-vmw-nsx-module: NsxDashboard DropdownFilterPlotConfiguration: allOf: - $ref: '#/definitions/WidgetPlotConfiguration' - properties: allow_search: default: false description: | Allow search on drop down filter. title: |- Allow search on drop down filter type: boolean type: object x-vmw-nsx-module: NsxDashboard description: |- Dropdown Filter plotting configuration. title: |- Dropdown Filtert plotting configuration x-vmw-nsx-module: NsxDashboard DropdownFilterWidgetConfiguration: allOf: - $ref: '#/definitions/FilterWidgetConfiguration' - properties: default_value: description: |- Expression to specify default value of filter. title: |- Expression to specify default value type: string dropdown_filter_plot_config: $ref: '#/definitions/DropdownFilterPlotConfiguration' dropdown_item: $ref: '#/definitions/DropdownItem' placeholder_msg: description: |- Placeholder message to be displayed in dropdown filter. title: |- Placeholder message to be shown in filter type: string static_filter_condition: description: |- If the condition is met then the static filter will be added. If no condition is provided, then the static filters will be applied unconditionally. title: |- Expression for evaluating condition type: string static_filters: description: |- Additional static items to be added in dropdown filter. Example can be 'ALL'. items: $ref: '#/definitions/StaticFilter' title: |- Additional static items to be added in dropdown filter type: array type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration for dropdown filter widget. title: |- Dropdown Filter widget Configuration x-vmw-nsx-module: NsxDashboard DropdownItem: description: |- Dropdown item definition properties: additional_value: description: |- An additional key-value pair for item to be display in dropdown. title: |- An additional value for item to be display in dropdown. type: object display_name: description: |- expression to extract display name to be shown in the drop down. maxLength: 1024 title: |- Display name for item to be displayed in dropdown type: string field: description: |- An expression that represents the items of the dropdown filter. title: |- Expression for dropdown items of filter type: string short_display_name: description: |- Property value is shown in the drop down input box for a filter. If the value is not provided 'display_name' property value is used. maxLength: 1024 title: |- A property value to be shown once value is selected for a filter. type: string value: description: |- Value of filter inside dropdown filter. title: |- Value for item to be displayed in dropdown type: string required: - field - value title: |- Dropdown item definition type: object x-vmw-nsx-module: NsxDashboard DscpBit: allOf: - $ref: '#/definitions/DscpIndicator' - properties: dscp_bit: description: | A DSCP bit is allocated to indicate the existence of INT header. It takes effect only when the INT indicator mode is DSCP_BIT. The user should guarantee that the given DSCP bit is specifically allocated for INT. format: int32 maximum: 5 minimum: 0 title: |- DSCP bit for indicating the existence of INT header. type: integer required: - dscp_bit type: object x-vmw-nsx-module: Policy description: |- Dscp bit config title: |- Dscp bit config x-vmw-nsx-module: Policy DscpIndicator: description: | The DscpIndicator is the base class for global In-band network telemetry configurations for different types in a NSX domain. discriminator: indicator_type properties: indicator_type: description: |- The method for indicating the existence of INT header. enum: - DSCP_BIT - DSCP_VALUE title: |- The method for indicating the existence of INT header. type: string required: - indicator_type title: |- Abstract base type for Global In-band network telemetry configuration type: object x-vmw-nsx-module: Policy DscpValue: allOf: - $ref: '#/definitions/DscpIndicator' - properties: dscp_value: description: | A DSCP value is allocated to indicate the existence of INT header. It takes effects only when the INT indicator mode is DSCP_VALUE. The user should guarantee that the given DSCP value is specifically allocated for INT. format: int32 maximum: 63 minimum: 1 title: |- DSCP value for indicating the existence of INT header. type: integer required: - dscp_value type: object x-vmw-nsx-module: Policy description: |- Dscp bit config title: |- Dscp bit config x-vmw-nsx-module: Policy DuplicateAddressBindingEntry: allOf: - $ref: '#/definitions/AddressBindingEntry' - properties: conflicting_port: description: | Provides the ID of the port on which the same address bidning exists title: |- ID of logical port with the same address binding type: string type: object x-vmw-nsx-module: LogicalPort description: |- Duplicate address binding information title: |- Duplicate address binding information x-vmw-nsx-module: LogicalPort DuplicateIPDetectionOptions: description: |- Contains dupliacte IP detection related discovery options. properties: duplicate_ip_detection_enabled: default: false description: |- Indicates whether duplicate IP detection should be enabled title: |- Duplicate IP detection type: boolean title: |- Controls duplicate IP detection options type: object x-vmw-nsx-module: PolicyIpDiscovery DynamicPluginFileProperties: allOf: - $ref: '#/definitions/Resource' - properties: file_name: description: |- File name title: |- File name type: string plugin_path: description: |- Plugin id title: |- Plugin id type: string status: description: |- Upload status enum: - SUCCESS - FAILURE title: |- Upload status type: string required: - status - file_name - plugin_path type: object x-vmw-nsx-module: PolicySha description: |- Plugin file properties title: |- Plugin file properties x-vmw-nsx-module: PolicySha EULAAcceptance: allOf: - $ref: '#/definitions/ManagedResource' - properties: acceptance: description: |- Acceptance status of End User License Agreement title: |- End User License Agreement acceptance status type: boolean required: - acceptance type: object x-vmw-nsx-module: EULA description: |- Indicate the status of End User License Agreement acceptance title: |- EULA acceptance status x-vmw-nsx-module: EULA EULAContent: allOf: - $ref: '#/definitions/ManagedResource' - properties: content: description: |- Content of End User License Agreement title: |- End User License Agreement content type: string type: object x-vmw-nsx-module: EULA description: |- End User License Agreement content title: |- EULA content x-vmw-nsx-module: EULA EdgeConfigurationState: allOf: - $ref: '#/definitions/ConfigurationState' - properties: pending_change_list: description: |- Request identifier of the API which modified the entity. items: type: string readOnly: true title: |- List of pending changes type: array type: object x-vmw-nsx-module: LogicalRouter description: | This contains fields that captures state of Trackable entities. Edge and VPN state entities extend this object. title: |- Configuration State for Edge and VPN entities. x-vmw-nsx-module: LogicalRouter EdgeTransportNodeDatapathMemoryPoolUsage: description: |- Datapath memory pool usage value. properties: description: description: |- Description of the memory pool. readOnly: true title: |- Description of the memory pool type: string name: description: |- Name of the datapath memory pool as available on edge node CLI. readOnly: true title: |- Name of the datapath memory pool type: string usage: description: |- Percentage of memory pool in use. readOnly: true title: |- Percentage of memory pool in use type: number title: |- Usage of datapath memory pool type: object x-vmw-nsx-module: ApplianceStats EdgeTransportNodeDatapathMemoryUsage: description: |- Detailed view of the datapath memory usage. Details out the heap and per memory pool point in time usage. properties: datapath_heap_usage: description: |- Percentage of heap memory in use. readOnly: true title: |- Percentage of heap memory in use type: number datapath_mem_pools_usage: items: $ref: '#/definitions/EdgeTransportNodeDatapathMemoryPoolUsage' type: array highest_datapath_mem_pool_usage: description: |- Highest percentage usage value among datapath memory pools. readOnly: true title: |- Highest percentage usage value among datapath memory pools type: number highest_datapath_mem_pool_usage_names: items: description: List of datapath memory pool(s) with highest usage. readonly: true title: Datapath memory pool(s) with highest usage type: string type: array title: |- Detailed view of the datapath memory usage. Details out the heap and per memory pool usage type: object x-vmw-nsx-module: ApplianceStats EdgeTransportNodeMemoryUsage: description: |- Point in time usage of system, datapath, swap and cache memory in edge node. properties: cache_usage: description: |- Percentage of RAM on the system that can be flushed out to disk. readOnly: true title: |- Percentage of RAM on the system that can be flushed out to disk type: number datapath_mem_usage_details: $ref: '#/definitions/EdgeTransportNodeDatapathMemoryUsage' datapath_total_usage: description: |- Percentage of memory in use by datapath processes which includes RES and hugepage memory. readOnly: true title: |- Percentage of memory in use by datapath processes type: number swap_usage: description: |- Percentage of swap disk in use. readOnly: true title: |- Percentage of swap disk in use type: number system_mem_usage: description: |- Percentage of RAM in use on edge node. readOnly: true title: |- Percentage of RAM in use on edge node type: number title: |- Memory usage details of edge node type: object x-vmw-nsx-module: ApplianceStats EffectiveIPInfo: description: |- List of effective ip address along with site id properties: effective_ips: items: description: | IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64" format: address-or-block-or-range type: string type: array site_id: description: | Id of the site to which the effective IPs belong to title: | Id of the site to which the effective IPs belong to type: string required: - effective_ips - site_id title: |- List of effective ip address along with site id type: object x-vmw-nsx-module: GroupingObjectsProviders EgressRateLimiter: allOf: - $ref: '#/definitions/QoSBaseRateLimiter' - properties: average_bandwidth: default: 0 description: |- Average bandwidth in Mb/s format: int32 minimum: 0 title: |- Average bandwidth in Mb/s type: integer burst_size: default: 0 description: |- Burst size in bytes format: int32 minimum: 0 title: |- Burst size in bytes type: integer peak_bandwidth: default: 0 description: |- Peak bandwidth in Mb/s format: int32 minimum: 0 title: |- Peak bandwidth in Mb/s type: integer type: object x-vmw-nsx-module: PolicyQoS description: |- A shaper that specifies egress rate properties in Mb/s title: |- A shaper that specifies egress rate properties in Mb/s x-vmw-nsx-module: PolicyQoS Endpoint: description: |- An Endpoint object is part of HostSwitch configuration in TransportNode properties: default_gateway: description: |- Gateway IP format: ip readOnly: true type: string device_name: description: |- Name of the virtual tunnel endpoint readOnly: true title: |- Name of the virtual tunnel endpoint type: string ip: description: |- Depending upon the EndpointIpConfig used in HostSwitch, IP could be allocated either from DHCP (default) or from Static IP Pool. format: ip readOnly: true type: string label: description: |- Unique label for this Endpoint format: int32 readOnly: true title: |- Unique label for this Endpoint type: integer mac: description: |- MAC address format: mac-address readOnly: true type: string subnet_mask: description: |- Subnet mask format: ip readOnly: true type: string title: |- Tunnel endpoint configuration type: object x-vmw-nsx-module: TransportNode EndpointPolicy: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: endpoint_rules: description: |- Endpoint Rules that are a part of this EndpointPolicy items: $ref: '#/definitions/EndpointRule' title: |- Endpoint Rules that are a part of this EndpointPolicy type: array sequence_number: default: 0 description: | This field is used to resolve conflicts between maps across domains. format: int32 maximum: 499 minimum: 0 title: |- Precedence to resolve conflicts across Domains type: integer type: object x-vmw-nsx-module: PolicyGuestIntrospection description: | Ordered list of Endpoint Rules ordered by sequence number of the entries. The maximum number of policies is 25. title: | Contains ordered list of Endpoint Rules x-vmw-nsx-module: PolicyGuestIntrospection EndpointPolicyListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Guest Introspection Map list results items: $ref: '#/definitions/EndpointPolicy' title: |- Guest Introspection Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyGuestIntrospection description: |- Paged Collection of Groups title: |- Paged Collection of Groups x-vmw-nsx-module: PolicyGuestIntrospection EndpointRule: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: groups: description: | We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant "ANY". This is case insensitive. If "ANY" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values. items: type: string maxItems: 50 title: |- group paths type: array sequence_number: default: 0 description: | This field is used to resolve conflicts between multiple entries under EndpointPolicy. It will be system default value when not specified by user. format: int32 maximum: 499 minimum: 0 title: |- Sequence number of this Entry type: integer service_profiles: description: | The policy paths of service profiles are listed here. It pecifies what services are applied on the group. Currently only one is allowed. items: type: string maxItems: 1 title: |- Names of service profiles type: array required: - service_profiles - groups type: object x-vmw-nsx-module: PolicyGuestIntrospection description: |- Endpoint Rule comes from user configuration. User configures Endpoint Rule to specify what services are applied on the groups. title: |- Endpoint Rule for guest introspection. x-vmw-nsx-module: PolicyGuestIntrospection EndpointRuleListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Endpoint Rule list results items: $ref: '#/definitions/EndpointRule' title: |- Endpoint Rule list results type: array required: - results type: object x-vmw-nsx-module: PolicyGuestIntrospection description: |- Paged Collection of Endpoint Rules title: |- Paged Collection of Endpoint Rules x-vmw-nsx-module: PolicyGuestIntrospection EnforcedStatusDetailsNsxT: description: | Detailed Realized Status of an intent object on an NSX-T type of enforcement point. This is a detailed view of the Realized Status of an intent object from an NSX-T enforcement point perspective. properties: enforced_status_info: $ref: '#/definitions/EnforcedStatusInfoNsxT' pending_changes_info: $ref: '#/definitions/PendingChangesInfoNsxT' title: |- NSX-T Enforced Realized Status Details type: object x-vmw-nsx-module: PolicyRealizationStatus EnforcedStatusInfoNsxT: description: | Information about the realized status of the intent object on an NSX-T type of enforcement point. Some very recent changes may be excluded when preparing this information, which is indicated by Pending Changes Info. In addition to the realized status across all scopes, this information holds details about enforced realized status per scope. properties: enforced_status: $ref: '#/definitions/EnforcedStatusNsxT' enforced_status_per_scope: description: |- List of Enforced Realized Status per Scope. items: $ref: '#/definitions/EnforcedStatusPerScopeNsxT' readOnly: true title: |- List of Enforced Realized Status per Scope type: array title: |- NSX-T Enforced Realized Status Information type: object x-vmw-nsx-module: PolicyRealizationStatus EnforcedStatusNsxT: description: |- NSX-T Enforced Status. properties: status: description: |- Enforced Realized Status. enum: - UNINITIALIZED - UNKNOWN - UP - DOWN - DEGRADED - SUCCESS - FAILURE - IN_PROGRESS readOnly: true type: string status_message: description: | Status Message conveying hints depending on the status value. readOnly: true title: |- Status Message type: string title: |- NSX-T Enforced Status type: object x-vmw-nsx-module: PolicyRealizationStatus EnforcedStatusPerScopeNsxT: description: | NSX-T Detailed Realized Status Per Scope. discriminator: resource_type properties: resource_type: description: | Enforced Realized Status Per Scope Resource Type. enum: - TransportNodeSpanEnforcedStatus readOnly: true title: |- Resource Type type: string required: - resource_type title: |- NSX-T Enforced Realized Status Per Scope type: object x-vmw-nsx-module: PolicyRealizationStatus EnforcedStatusPerTransportNode: description: |- Detailed Realized Status Per Transport Node. properties: display_name: description: | Display name of the transport node. readOnly: true title: |- Transport Node Display Name type: string enforced_status: $ref: '#/definitions/EnforcedStatusNsxT' nsx_id: description: | UUID identifying uniquely the Transport Node. readOnly: true title: |- Transport Node Identifier type: string path: description: | Policy Path referencing the transport node. readOnly: true title: |- Transport Node Path type: string title: |- Enforced Realized Status Per Transport Node type: object x-vmw-nsx-module: PolicyRealizationStatus EnforcementPoint: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: auto_enforce: default: true description: | Auto enforce flag suggests whether the policy objects shall be automatically enforced on this enforcement point or not. When this flag is set to true, all policy objects will be automatically enforced on this enforcement point. If this flag is set to false, user shall rely on the usual means of realization, i.e., deployment maps. title: |- Auto Enforce Flag type: boolean connection_info: $ref: '#/definitions/EnforcementPointConnectionInfo' version: description: |- Version of the Enforcement point. readOnly: true title: |- Enforcement point Version type: string required: - connection_info type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: | Enforcement point is the endpoint where policy configurations are applied. title: |- Enforcement Point x-vmw-nsx-module: PolicyEnforcementPointManagement EnforcementPointConnectionInfo: description: |- Contains information required to connect to enforcement point. discriminator: resource_type properties: enforcement_point_address: description: | Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be "10.192.1.1" - On an NSX-T MP running on custom port, the value could be "192.168.1.1:32789" - On an NSX-T MP in VMC deployments, the value could be "192.168.1.1:5480/nsxapi" title: |- Enforcement Point Address type: string resource_type: description: |- Resource Type of Enforcement Point Connection Info. enum: - NSXTConnectionInfo - NSXVConnectionInfo - CvxConnectionInfo - AviConnectionInfo title: |- Connection Info Resource Type type: string required: - enforcement_point_address - resource_type title: |- Enforcement Point Connection Info type: object x-vmw-nsx-module: PolicyEnforcementPointManagement EnforcementPointListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Enforcement Point list Results. items: $ref: '#/definitions/EnforcementPoint' title: |- Enforcement Point List Results type: array required: - results type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Paged collection of enforcement points. title: |- Paged Collection of EnforcementPoints x-vmw-nsx-module: PolicyEnforcementPointManagement EntityInstanceCountConstraintExpression: allOf: - $ref: '#/definitions/ConstraintExpression' - properties: count: description: |- Instance count. format: int64 title: |- Instance count. type: integer operator: description: |- Operations supported '<' and '<='. title: |- Operations supported '<' and '<='. type: string required: - operator - count type: object x-vmw-nsx-module: PolicyConstraints description: | Represents the leaf level constraint to restrict the number instances of an entity type can be created. This is useful in restricting number of CGWs or MGWs or Providers that can created in a system. title: |- Represents the leaf level constraint to restrict the number instances of type. x-vmw-nsx-module: PolicyConstraints ErrorResolverInfo: description: |- Metadata related to a given error_id properties: error_id: description: |- The error id for which metadata information is needed format: int64 title: |- The error id for which metadata information is needed type: integer resolver_present: description: |- Indicates whether there is a resolver associated with the error or not title: |- Indicates whether there is a resolver associated with the error or not type: boolean user_metadata: $ref: '#/definitions/ErrorResolverUserMetadata' required: - error_id - resolver_present type: object x-vmw-nsx-module: ErrorResolver ErrorResolverInfoList: description: |- Collection of all registered ErrorResolverInfo properties: results: description: |- ErrorResolverInfo list items: $ref: '#/definitions/ErrorResolverInfo' title: |- ErrorResolverInfo list type: array required: - results title: |- Collection of all registered ErrorResolverInfo type: object x-vmw-nsx-module: ErrorResolver ErrorResolverMetadata: description: |- Error along with its metadata properties: entity_id: description: |- The entity/node UUID where the error has occurred. title: |- The entity/node UUID where the error has occurred. type: string error_id: description: |- The error id as reported by the entity where the error occurred. format: int64 title: |- The error id as reported by the entity where the error occurred. type: integer system_metadata: $ref: '#/definitions/ErrorResolverSystemMetadata' user_metadata: $ref: '#/definitions/ErrorResolverUserMetadata' required: - error_id - entity_id type: object x-vmw-nsx-module: ErrorResolver ErrorResolverMetadataList: description: |- List of errors with their metadata properties: errors: description: |- List of errors with their corresponding metadata. items: $ref: '#/definitions/ErrorResolverMetadata' title: |- List of errors with their corresponding metadata. type: array required: - errors type: object x-vmw-nsx-module: ErrorResolver ErrorResolverSystemMetadata: description: |- Metadata fetched from an external system like Syslog or LogInsight. properties: value: description: |- The value fetched from another system title: |- The value fetched from another system type: string type: object x-vmw-nsx-module: ErrorResolver ErrorResolverUserInputData: description: |- Corresponds to one property entered by the user properties: data_type: description: |- The datatype of the given property. Useful for data validation enum: - TEXT - NUMBER - PASSWORD title: |- The datatype of the given property. Useful for data validation type: string property_name: description: |- Name of the property supplied by the user title: |- Name of the property supplied by the user type: string property_value: description: |- The value associated with the above property title: |- The value associated with the above property type: string required: - data_type - property_name type: object x-vmw-nsx-module: ErrorResolver ErrorResolverUserMetadata: description: |- User supplied metadata needed for resolving errors properties: user_input_list: description: |- List of user supplied input data. items: $ref: '#/definitions/ErrorResolverUserInputData' title: |- List of user supplied input data. type: array type: object x-vmw-nsx-module: ErrorResolver EtherTypeServiceEntry: allOf: - $ref: '#/definitions/ServiceEntry' - properties: ether_type: description: |- Type of the encapsulated protocol format: int64 title: |- Type of the encapsulated protocol type: integer required: - ether_type type: object x-vmw-nsx-module: Policy description: |- A ServiceEntry that represents an ethertype protocol title: |- A ServiceEntry that represents an ethertype protocol x-vmw-nsx-module: Policy EthernetHeader: properties: dst_mac: description: | The destination MAC address of form: "^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$". For example: 00:00:00:00:00:00. title: |- Destination MAC address of the Ethernet header type: string eth_type: default: 2048 description: |- This field defaults to IPv4. format: int64 maximum: 65535 minimum: 1 title: |- The value of the type field to be put into the Ethernet header type: integer src_mac: description: | The source MAC address of form: "^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$". For example: 00:00:00:00:00:00. title: |- Source MAC address of the Ethernet header type: string type: object x-vmw-nsx-module: Traceflow Evaluation: description: | Criterion Evaluation is the basic logical condition to evaluate whether the event could be potentially met. discriminator: resource_type properties: resource_type: description: | Criterion Evaluation resource type. enum: - SourceFieldEvaluation title: |- Resource Type type: string required: - resource_type title: |- Criterion Evaluation type: object x-vmw-nsx-module: PolicyReaction Event: description: | The Event is the criterion or criteria applied to the source and, when met, prompt Policy to run the action. All Reaction Events are constructed with reference to the object, the "source", that is logically deemed to be the object upon which the Event in question initially occurred upon. Some example events include: - New object was created. - Change in realization state. - Specific API is called. properties: criteria: description: | Criteria applied to the source and, if satisfied, would trigger the action. Criteria is composed of criterions. In order for the Criteria to be met, only one of the criterion must be fulfilled (implicit OR). items: $ref: '#/definitions/Criterion' title: |- Event Criteria type: array source: $ref: '#/definitions/Source' required: - source title: |- Reaction Event type: object x-vmw-nsx-module: PolicyReaction EvpnConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: advanced_config: $ref: '#/definitions/EvpnConfigAdvancedConfig' encapsulation_method: $ref: '#/definitions/EvpnEncapConfig' mode: default: DISABLE description: | In INLINE mode, edge nodes participate both in the BGP EVPN control plane route exchange and in data path tunneling between edge nodes and data center gateways. In ROUTE_SERVER mode, edge nodes participate in the BGP EVPN control plane route exchanges only and do not participate in the data forwarding, i.e., the data path tunnels are directly established between the hypervisors and the data center gateways. DISABLE mode disables EVPN service capability. enum: - INLINE - ROUTE_SERVER - DISABLE title: |- EVPN service mode type: string type: object x-vmw-nsx-module: PolicyConnectivity description: |- Evpn Configuration. title: |- Evpn Configuration x-vmw-nsx-module: PolicyConnectivity EvpnConfigAdvancedConfig: description: |- NSX specific configuration for evpn config properties: {} title: |- Advanced configuration for evpn config type: object x-vmw-nsx-module: PolicyConnectivity EvpnEncapConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: evpn_tenant_config_path: description: |- EVPN tenant config path title: |- EVPN tenant config path type: string vni_pool_path: description: |- vni pool path title: |- vni pool path type: string type: object x-vmw-nsx-module: PolicyConnectivity description: |- Encapsulation method for EVPN. title: |- Encapsulation method for EVPN x-vmw-nsx-module: PolicyConnectivity EvpnTenantConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: mappings: description: | This property specifies a mapping spec of incoming Evpn tenant vlan-ids to VXLAN VNIs used for overlay transmission to Physical-Gateways used by vRouters. items: $ref: '#/definitions/VlanVniRangePair' maxItems: 2000 minItems: 1 title: |- VLANs to VNIs mapping spec type: array transport_zone_path: description: |- Policy path to transport zone. Only overlay transport zone is supported. title: |- Policy path to the transport zone type: string vni_pool_path: description: |- Policy path to the vni pool used for Evpn in ROUTE-SERVER mode. title: |- Policy path to the vni pool type: string required: - transport_zone_path - mappings - vni_pool_path type: object x-vmw-nsx-module: PolicyConnectivity description: | This resource is relevant only when Evpn Service is configured in ROUTE-SERVER mode. The resource defines Vlans to VNIs mappings used by Evpn tenant VMs for overlay VXLAN transmission when attached to vRouter. The resource contains overlay transport_zone_path and vni_pool_path to orchestrate creation of child Logical-Switches. title: |- Evpn Tenant Configuration for Evpn in ROUTE-SERVER mode. x-vmw-nsx-module: PolicyConnectivity EvpnTenantConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Evpn Tenant Config list results items: $ref: '#/definitions/EvpnTenantConfig' title: |- Evpn Tenant Config list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Collection of Evpn Tenant Configuration. title: |- Paged Collection of Evpn Tenant Configuration x-vmw-nsx-module: PolicyConnectivity EvpnTunnelEndpointConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: edge_path: description: |- edge path title: |- edge path type: string local_addresses: description: |- local addresses items: description: |- IPv4 address format: ipv4 type: string maxItems: 1 minItems: 1 title: |- local addresses type: array mtu: description: |- MTU format: int32 maximum: 9100 minimum: 64 title: |- MTU type: integer required: - edge_path - local_addresses type: object x-vmw-nsx-module: PolicyConnectivity description: |- Evpn Tunnel Endpoint Configuration. title: |- Evpn Tunnel Endpoint Configuration x-vmw-nsx-module: PolicyConnectivity EvpnTunnelEndpointConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Evpn Tunnel Endpoint Configuration list results items: $ref: '#/definitions/EvpnTunnelEndpointConfig' title: |- Evpn Tunnel Endpoint Configuration list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Collection of Evpn Tunnel Endpoint Configuration. title: |- Paged Collection of Evpn Tunnel Endpoint Configuration x-vmw-nsx-module: PolicyConnectivity ExportRequestParameter: description: | This holds the request parameters required to invoke export task. properties: draft_path: description: | Policy path of a draft which is to be exported. If not provided, current firewall configuration will then be exported. title: |- Policy path of draft type: string passphrase: description: | Passphrase to sign exported files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one non-space special character. minLength: 8 title: |- Passphrase to sign exported files type: string title: |- Export task request parameters type: object x-vmw-nsx-module: PolicyTask ExportTask: allOf: - $ref: '#/definitions/PolicyTask' - properties: draft_path: description: | Policy path of a draft if this is an export task to export draft configuration. readOnly: true title: |- Policy path of a draft type: string exported_file: description: | Name of the exported file generated after completion of export task. readOnly: true title: |- Name of the exported file type: string type: object x-vmw-nsx-module: PolicyTask description: | This object holds the information of the export task. title: |- Export task information x-vmw-nsx-module: PolicyTask Expression: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: resource_type: enum: - Condition - ConjunctionOperator - NestedExpression - IPAddressExpression - MACAddressExpression - ExternalIDExpression - PathExpression - IdentityGroupExpression type: string required: - resource_type type: object x-vmw-nsx-module: Policy description: | All the nodes of the expression extend from this abstract class. This is present for extensibility. title: |- Base class for each node of the expression x-vmw-nsx-module: Policy ExternalGatewayBfdConfig: description: | Configuration for BFD session between host nodes and external gateways. If this configuration is not provided, system defaults are applied. properties: bfd_profile_path: description: |- Policy path to Bfd Profile title: |- Policy path to Bfd Profile type: string enable: default: true description: |- Flag to enable BFD session. title: |- Enable BFD session type: boolean title: |- External Bidirectional Flow Detection configuration type: object x-vmw-nsx-module: Policy ExternalIDExpression: allOf: - $ref: '#/definitions/Expression' - properties: external_ids: description: |- This array can consist of one or more external IDs for the specified member type. items: type: string minItems: 1 title: |- Array of external IDs for the specified member type type: array member_type: description: |- External ID member type enum: - VirtualMachine - VirtualNetworkInterface - CloudNativeServiceInstance - PhysicalServer title: |- External ID member type type: string required: - external_ids - member_type type: object x-vmw-nsx-module: Policy description: |- Represents external ID expressions in the form of an array, to support addition of objects like virtual interfaces, virtual machines, CloudNativeServiceInstance PhysicalServer to a group. title: |- External ID expression node x-vmw-nsx-module: Policy FIPSGlobalConfig: description: |- Global configuration properties: lb_fips_enabled: default: false description: |- When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature. title: |- A flag to turn on or turn off the FIPS compliance of load balancer feature. type: boolean tls_fips_enabled: default: false description: |- When this flag is set to true FIPS mode will be set on ssl encryptions of TLS inspection feature. readOnly: true title: |- A flag to turn on or turn off the FIPS compliance of TLS inspection feature. type: boolean title: |- Global configuration type: object x-vmw-nsx-module: Policy FabricHostNode: properties: compute_collection_id: description: |- Id of the compute collection to which discovered node belongs. readOnly: true title: |- Compute collection id type: string discovered_ip_addresses: description: |- Discovered IP Addresses of the transport node, version 4 or 6 items: description: |- IPv4 or IPv6 address format: ip type: string readOnly: true title: |- Discovered IP Addresses of the transport node, version 4 or 6 type: array discovered_node_id: description: |- Id of discovered node which was converted to create this node. readOnly: true title: |- Discovered node id type: string fqdn: description: |- Fully qualified domain name of the transport node readOnly: true title: |- Fully qualified domain name of the transport node type: string host_credential: $ref: '#/definitions/HostNodeLoginCredential' ip_addresses: description: | IP Addresses of the Node, version 4 or 6. items: description: |- IPv4 or IPv6 address format: ip type: string title: |- IP Addresses of the Node, version 4 or 6 type: array maintenance_mode_state: description: | Indicates host node's maintenance mode state. The state is ENTERING when a task to put the host in maintenance-mode is in progress. enum: - 'OFF' - ENTERING - 'ON' readOnly: true title: |- Maintenance mode state type: string managed_by_server: description: |- The id of the vCenter server managing the ESXi type HostNode readOnly: true title: |- Id of vCenter server managing the HostNode type: string os_type: description: |- Hypervisor type, for example ESXi or RHEL KVM enum: - ESXI - RHELKVM - RHELSERVER - WINDOWSSERVER - RHELCONTAINER - UBUNTUKVM - UBUNTUSERVER - HYPERV - CENTOSKVM - CENTOSSERVER - CENTOSCONTAINER - SLESKVM - SLESSERVER - OELSERVER title: |- Hypervisor OS type type: string os_version: description: |- Version of the hypervisor operating system title: |- Hypervisor OS version type: string windows_install_location: description: |- Specify an installation folder to install the NSX kernel modules for Windows Server. By default, it is C:\Program Files\VMware\NSX\. title: |- Install location of Windows Server on baremetal being managed by NSX type: string required: - ip_addresses - os_type type: object x-vmw-nsx-module: PolicyHostTransportNode FeaturePermission: description: |- Feature Permission properties: feature: description: |- Feature Id title: |- Feature Id type: string feature_description: description: |- Feature Description title: |- Feature Description type: string feature_name: description: |- Feature Name title: |- Feature Name type: string is_execute_recommended: description: |- Is execute recommended readOnly: true title: |- Is execute recommended type: boolean is_internal: description: |- Is internal readOnly: true title: |- Is internal type: boolean permission: description: |- Permission enum: - crud - read - execute - none title: |- Permission type: string required: - feature - permission title: |- Feature Permission type: object x-vmw-nsx-module: AAA FeaturePermissionArray: properties: feature_permissions: description: |- Array of FeaturePermission items: $ref: '#/definitions/FeaturePermission' title: |- Array of FeaturePermission type: array required: - feature_permissions type: object x-vmw-nsx-module: AAA FeaturePermissionListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List results items: $ref: '#/definitions/FeaturePermission' title: |- List results type: array required: - results type: object x-vmw-nsx-module: AAA x-vmw-nsx-module: AAA FeatureSet: description: |- Represents list of features required to view the widget. properties: feature_list: description: |- List of features required for to view widget. items: type: string title: |- List of features required for to view wdiget type: array require_all_permissions: description: |- Flag for specifying if permission to all features is required If set to false, then if there is permission for any of the feature from feature list, widget will be available. title: |- Flag for specifying if permission to all features is required type: boolean title: |- List of features required to view the widget type: object x-vmw-nsx-module: NsxDashboard FederationComponentUpgradeStatus: properties: component_type: description: |- Component type for the upgrade status readOnly: true title: |- Component type for the upgrade status type: string current_version_node_summary: description: |- Mapping of current versions of nodes and counts of nodes at the respective versions. items: $ref: '#/definitions/FederationNodeSummary' readOnly: true title: |- Mapping of current versions of nodes and counts of nodes at the respective versions. type: array details: description: |- Details about the upgrade status readOnly: true title: |- Details about the upgrade status type: string percent_complete: description: |- Indicator of upgrade progress in percentage readOnly: true title: |- Indicator of upgrade progress in percentage type: number status: description: |- Upgrade status of component enum: - SUCCESS - FAILED - IN_PROGRESS - NOT_STARTED - PAUSED readOnly: true title: |- Upgrade status of component type: string target_version: description: |- Target component version readOnly: true title: |- Target component version type: string type: object x-vmw-nsx-module: FederationUpgrade FederationConfig: description: | Global Manager federation configuration. This configuration is distributed to all Sites participating in federation. properties: site_config: description: |- Federation configurations of all Sites items: $ref: '#/definitions/SiteFederationConfig' readOnly: true title: |- Federation configurations of all Sites type: array title: |- Global Manager federation configuration type: object x-vmw-nsx-module: PolicySiteGM FederationConnectivityConfig: description: |- Additional configuration required for federation. properties: global_overlay_id: description: | Global id for by Layer3 services for federation usecases. format: int64 readOnly: true title: |- Auto generated federation global 24-bit id type: integer title: |- Federation connectivity configuration type: object x-vmw-nsx-module: PolicyConnectivity FederationGatewayConfig: allOf: - $ref: '#/definitions/FederationConnectivityConfig' - properties: site_allocation_indices: description: | Indicies for cross site allocation for edge cluster and its members referred by gateway. items: $ref: '#/definitions/SiteAllocationIndexForEdge' readOnly: true title: | Indicies for cross site allocation type: array transit_segment_id: description: | Global UUID for transit segment id to be used by Layer2 services for federation usecases. readOnly: true title: |- Auto generated federation global id for transit segment type: string type: object x-vmw-nsx-module: PolicyConnectivity description: |- Additional gateway configuration required for federation title: |- Federation gateway configuration x-vmw-nsx-module: PolicyConnectivity FederationNodeSummary: allOf: - $ref: '#/definitions/Resource' - properties: node_count: description: |- Number of nodes of the type and at the component version. format: int32 readOnly: true title: |- Count of nodes type: integer version: description: |- Component version readOnly: true title: |- Component version type: string type: object x-vmw-nsx-module: FederationUpgrade x-vmw-nsx-module: FederationUpgrade FederationQueueInfo: description: | Provides insights into details of a specific queue in the flows. For example Global Manager to Local Manager flow, there is a queue on the Global Manager for sending and a queue on Local Manager for receiving. properties: current_size: description: |- Number of messages in the queue format: int64 title: |- Number of messages in the queue type: integer max_size: description: |- Maixmum capacity of the queue format: int64 title: |- Maixmum capacity of the queue type: integer name: description: |- Queue name title: |- Queue name type: string namespace: description: | Every persistent queue has name and namespace. For more debugging like dumping queue, namespace is needed. title: |- Queue namespace type: string type: description: |- Queue type - sender or receiver side enum: - TRANSMITTER - RECEIVER title: |- Queue type - sender or receiver side type: string title: |- Details about a specific queue in the flow type: object x-vmw-nsx-module: FederationObservability FederationUpgradeSummary: description: | Provides upgrade summary for a specific site. properties: component_status: description: |- List of component statuses items: $ref: '#/definitions/FederationComponentUpgradeStatus' readOnly: true title: |- List of component statuses type: array current_version: description: |- This is NSX version for the site. readOnly: true title: |- Current version of the site type: string gpm_name: description: |- Name of the global manager if present. readOnly: true title: |- Name of the global manager type: string id: description: |- Unique identifier of this resource. readOnly: true title: |- UUID of this resource type: string last_upgrade_timestamp: description: |- Indicates the time when the site was upgraded. readOnly: true title: |- Last upgrade timestamp type: string name: description: |- Name of the site. readOnly: true title: |- Name of the site type: string overall_upgrade_status: description: |- Status of upgrade enum: - SUCCESS - FAILED - IN_PROGRESS - NOT_STARTED - PAUSED readOnly: true title: |- Status of upgrade type: string site_id: description: |- This is the Site Manager generated UUID for every NSX deployment. readOnly: true title: |- UUID of the site type: string site_ip: description: |- IP address of the site. readOnly: true title: |- Site IP type: string site_type: description: |- Type of this site. enum: - ACTIVE_GM_SITE - STANDBY_GM_SITE - NON_GM_SITE readOnly: true title: |- Site type type: string target_version: description: |- This is NSX target version for the site, if it is undergoing upgrade. readOnly: true title: |- Target version for the site type: string title: |- Upgrade Summary type: object x-vmw-nsx-module: FederationUpgrade FederationUpgradeSummaryListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged collection of site upgrade information items: $ref: '#/definitions/FederationUpgradeSummary' readOnly: true title: |- Paged collection of site upgrade information type: array type: object x-vmw-nsx-module: FederationUpgrade description: |- Paged Collection of site upgrade information title: |- Paged Collection of site upgrade information x-vmw-nsx-module: FederationUpgrade FieldSanityConstraintExpression: allOf: - $ref: '#/definitions/ConstraintExpression' - properties: checks: description: |- List of sanity checks. items: enum: - ALL_PUBLIC_IPS - ALL_PRIVATE_IPS - ALL_IPV6_CIDRS - ALL_IPV6_IPS - ALL_IPV4_CIDRS - ALL_IPV4_IPS type: string title: |- Array of sanity checks to be performed on field value type: array operator: description: |- A conditional operator enum: - OR - AND title: |- A conditional operator type: string required: - operator - checks type: object x-vmw-nsx-module: PolicyConstraints description: | Represents the field value constraint to constrain specified field value based on defined sanity checks. Example - For DNS.upstream_servers, all the IP addresses must either be public or private. { "target": { "target_resource_type": "DnsForwarderZone", "attribute": "upstreamServers", "path_prefix": "/infra/dns-forwarder-zones/" }, "constraint_expression": { "resource_type": "FieldSanityConstraintExpression", "operator": "OR", "checks": ["ALL_PUBLIC_IPS", "ALL_PRIVATE_IPS"] } } title: |- Represents the field value sanity constraint x-vmw-nsx-module: PolicyConstraints FieldSetting: description: | Field Setting. properties: field_pointer: description: |- Field Pointer. title: |- Field Pointer type: string value: $ref: '#/definitions/FieldSettingValue' required: - value - field_pointer title: |- FieldSetting type: object x-vmw-nsx-module: PolicyReaction FieldSettingValue: description: | Field Setting Value. discriminator: resource_type properties: resource_type: description: | Field Setting Value resource type. enum: - ConstantFieldValue title: |- Resource Type type: string required: - resource_type title: |- Field Setting Value type: object x-vmw-nsx-module: PolicyReaction FieldsFilterData: allOf: - $ref: '#/definitions/LiveTraceFilterData' - properties: ip_info: $ref: '#/definitions/IpInfo' transport_info: $ref: '#/definitions/TransportInfo' type: object x-vmw-nsx-module: LiveTrace x-vmw-nsx-module: LiveTrace FieldsPacketData: allOf: - $ref: '#/definitions/PacketData' - properties: arp_header: $ref: '#/definitions/ArpHeader' eth_header: $ref: '#/definitions/EthernetHeader' ip_header: $ref: '#/definitions/Ipv4Header' ipv6_header: $ref: '#/definitions/Ipv6Header' payload: description: |- Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload contains any data the user wants to put after the transport header. maxLength: 1336 title: |- RFC3548 compatible base64-encoded payload type: string transport_header: $ref: '#/definitions/TransportProtocolHeader' type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow FileTransferAuthenticationScheme: description: |- Remote server authentication details properties: password: description: |- Password to authenticate with title: |- Password to authenticate with type: string scheme_name: description: |- Authentication scheme name enum: - PASSWORD title: |- Authentication scheme name type: string username: description: |- User name to authenticate with title: |- User name to authenticate with type: string required: - username - scheme_name title: |- Remote server authentication details type: object x-vmw-nsx-module: BackupConfiguration FileTransferProtocol: description: |- Protocol to transfer backup file to remote server properties: authentication_scheme: $ref: '#/definitions/FileTransferAuthenticationScheme' protocol_name: default: sftp description: |- Protocol name enum: - sftp title: |- Protocol name type: string ssh_fingerprint: description: | The expected SSH fingerprint of the server. If the server's fingerprint does not match this fingerprint, the connection will be terminated. Only ECDSA fingerprints hashed with SHA256 are supported. To obtain the host's ssh fingerprint, you should connect via some method other than SSH to obtain this information. You can use one of these commands to view the key's fingerprint: 1. ssh-keygen -l -E sha256 -f ssh_host_ecdsa_key.pub 2. awk '{print $2}' ssh_host_ecdsa_key.pub | base64 -d | sha256sum -b | sed 's/ .*$//' | xxd -r -p | base64 | sed 's/.//44g' | awk '{print "SHA256:"$1}' title: |- SSH fingerprint of server type: string required: - protocol_name - ssh_fingerprint - authentication_scheme title: |- Protocol to transfer backup file to remote server type: object x-vmw-nsx-module: BackupConfiguration FilterRequest: description: |- Filter request parameters properties: case_sensitive: default: true description: | Set this flag to true to make filtering case-sensitive. title: |- Flag to indicate whether filtering is case-sensitive or not type: boolean field_names: description: |- Comma seperated fields to be filtered on title: |- Field Names type: string value: description: |- Filter value title: |- Value type: string required: - field_names - value title: |- Filter request type: object x-vmw-nsx-module: Search FilterWidgetConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - properties: alias: description: |- Alias to be used when emitting filter value. title: |- Alias to be used when emitting filter value type: string type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration for filter widget. This is abstract representation of filter widget. title: |- Filter widget Configuration x-vmw-nsx-module: NsxDashboard FirewallConfiguration: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: disable_auto_drafts: default: false description: | To disable auto drafts, set it to true. By default, auto drafts are enabled. title: |- Auto draft disable flag type: boolean enable_firewall: default: true description: | If set to true, Firewall is enabled. title: |- Firewall enable flag type: boolean global_addrset_mode_enabled: default: true description: |- When this flag is set to true, global address set is enabled in Distributed Firewall. title: |- A flag to indicate if global address set is enabled in DFW type: boolean resource_type: enum: - DfwFirewallConfiguration type: string required: - resource_type type: object x-vmw-nsx-module: Policy description: |- Firewall related configurations title: |- Firewall related configurations x-vmw-nsx-module: Policy FirstNSampling: allOf: - $ref: '#/definitions/SamplingArgument' - properties: match_number: description: |- Number of packets to be sampled format: int64 maximum: 500 minimum: 1 title: |- Number of packets to be sampled type: integer required: - match_number type: object x-vmw-nsx-module: LiveTrace x-vmw-nsx-module: LiveTrace FloodProtectionProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: icmp_active_flow_limit: description: |- If this field is empty, firewall will not set a limit to active ICMP connections. format: int64 maximum: 1000000 minimum: 1 title: |- Active ICMP connections limit type: integer other_active_conn_limit: description: |- If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections. format: int64 maximum: 1000000 minimum: 1 title: |- Timeout after first TN type: integer resource_type: description: | GatewayFloodProtectionProfile is used for all Tier0 and Tier1 gateways. DistributedFloodProtectionProfile is used for all Transport Nodes. enum: - GatewayFloodProtectionProfile - DistributedFloodProtectionProfile type: string tcp_half_open_conn_limit: description: |- If this field is empty, firewall will not set a limit to half open TCP connections. format: int64 maximum: 1000000 minimum: 1 title: |- Active half open TCP connections limit type: integer udp_active_flow_limit: description: |- If this field is empty, firewall will not set a limit to active UDP connections. format: int64 maximum: 1000000 minimum: 1 title: |- Active UDP connections limit type: integer required: - resource_type type: object x-vmw-nsx-module: PolicyProfile description: |- A profile holding TCP, UDP and ICMP and other protcol connection limits. title: |- Flood Protection profile x-vmw-nsx-module: PolicyProfile FloodProtectionProfileBindingListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Flood protection profile binding maps list results items: $ref: '#/definitions/FloodProtectionProfileBindingMap' title: |- Flood protection profile binding maps list results type: array required: - results type: object x-vmw-nsx-module: PolicyProfile description: |- Paged Collection of flood protection profile binding maps title: |- Paged Collection of flood protection profile binding maps x-vmw-nsx-module: PolicyProfile FloodProtectionProfileBindingMap: allOf: - $ref: '#/definitions/ProfileBindingMap' - type: object x-vmw-nsx-module: PolicyProfile description: | This entity will be used to establish association between Flood Protection profile and Logical Routers. title: |- Policy Flood Protection Profile binding map x-vmw-nsx-module: PolicyProfile FloodProtectionProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Flood protection profile list results items: $ref: '#/definitions/FloodProtectionProfile' title: |- Flood protection profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyProfile description: |- Paged Collection of flood protection profiles title: |- Paged Collection of flood protection profiles x-vmw-nsx-module: PolicyProfile FlowInfo: description: | Provides details of config flow in federation Federation has the following flows - Global Manager to Local Manager (GM -> LM) - Local Manager to Glocal Manager (LM -> GM) - Global Manager Active to Glocal Manager Standby (GM -> GM) - Local Manager to Local Manager (LM -> LM) properties: cross_site_flow_info: $ref: '#/definitions/CrossSiteFlowInfo' flow_type: description: |- Flow identifier enum: - GM_TO_LM - LM_TO_GM - GM_TO_GM - LM_TO_LM - GM_WORK_QUEUE - GM_DELETE_QUEUE title: |- Flow identifier type: string id: description: |- System identifier for the flow title: |- System identifier for the flow type: string queue_infos: description: |- Every flow will have transmitter and receiver queues. items: $ref: '#/definitions/FederationQueueInfo' title: |- Queue information for the flow type: array title: |- Details of config flow type: object x-vmw-nsx-module: FederationObservability Footer: description: |- Footer of a widget that provides additional information or allows an action such as clickable url for navigation. An example usage of footer is provided under 'example_request' section of 'CreateWidgetConfiguration' API. properties: actions: description: |- Action to be performed at the footer of a widget. An action at the footer can be simple text description or a hyperlink to a UI page. Action allows a clickable url for navigation. An example usage of footer action is provided under 'example_request' section of 'CreateWidgetConfiguration' API. items: $ref: '#/definitions/FooterAction' minItems: 0 title: |- Footer Actions type: array condition: description: |- If the condition is met then the footer will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API. maxLength: 1024 title: |- Expression for evaluating condition type: string title: |- Widget Footer type: object x-vmw-nsx-module: NsxDashboard FooterAction: description: |- Action specified at the footer of a widget to provide additional information or to provide a clickable url for navigation. An example usage of footer action is provided under the 'example_request' section of 'CreateWidgetConfiguration' API. properties: dock_to_container_footer: default: true description: |- If true, the footer will appear in the underlying container that holds the widget. title: |- Dock the footer at container type: boolean label: $ref: '#/definitions/Label' url: description: |- Hyperlink to the UI page that provides details of action. maxLength: 1024 title: |- Clickable hyperlink, if any type: string required: - label title: |- Widget Footer Action type: object x-vmw-nsx-module: NsxDashboard FormFactorDetail: description: | Form factor contains, resources required to deploy NSX Application Platform deployment and available features for a given form factor. properties: node_resources: $ref: '#/definitions/NodeResources' supported_features: description: | Features supported in this form factor. items: type: string title: |- Supported features type: array title: |- Detail about form factor type: object x-vmw-nsx-module: PolicyCloudNative FormFactors: description: | Different form factor for deployment. properties: advanced: $ref: '#/definitions/FormFactorDetail' evaluation: $ref: '#/definitions/FormFactorDetail' standard: $ref: '#/definitions/FormFactorDetail' title: |- NSX Application Platform deployment platform form factors type: object x-vmw-nsx-module: PolicyCloudNative ForwardingPolicy: allOf: - $ref: '#/definitions/Policy' - properties: rules: description: |- Rules that are a part of this ForwardingPolicy items: $ref: '#/definitions/ForwardingRule' title: |- Rules that are a part of this ForwardingPolicy type: array type: object x-vmw-nsx-module: PolicyForwarding description: | Contains ordered list of forwarding rules that determine when to forward traffic to / from the underlay for accessing cloud native services. title: | Forwarding Policy x-vmw-nsx-module: PolicyForwarding ForwardingPolicyListResult: allOf: - $ref: '#/definitions/PolicyListResult' - properties: results: description: |- ForwardingPolicy list results items: $ref: '#/definitions/ForwardingPolicy' title: |- ForwardingPolicy list results type: array required: - results type: object x-vmw-nsx-module: PolicyForwarding description: |- Paged Collection of ForwardingPolicy objects title: |- Paged Collection of ForwardingPolicy objects x-vmw-nsx-module: PolicyForwarding ForwardingPolicyStatisticsForEnforcementPoint: description: |- Forwarding policy statistics for a specfic enforcement point. properties: enforcement_point: description: |- Path for a specific enforcement point readOnly: true title: |- Enforcement point path type: string statistics: $ref: '#/definitions/ForwardingPolicyStats' title: |- Forwarding Policy statistics for an enforcement point type: object x-vmw-nsx-module: PolicyForwardingStats ForwardingPolicyStatisticsListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Forwarding Policy statistics list results items: $ref: '#/definitions/ForwardingPolicyStatisticsForEnforcementPoint' title: |- Forwarding Policy statistics list results type: array required: - results type: object x-vmw-nsx-module: PolicyForwardingStats description: |- Paged Collection of Forwarding Policy statistics title: |- Paged Collection of Forwarding Policy statistics x-vmw-nsx-module: PolicyForwardingStats ForwardingPolicyStats: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of rule statistics. items: $ref: '#/definitions/ForwardingRuleStats' readOnly: true title: |- Forwarding rules stats type: array section_id: description: |- Forwarding policy identifier. readOnly: true title: |- Forwarding Policy ID type: string type: object x-vmw-nsx-module: PolicyForwardingStats x-vmw-nsx-module: PolicyForwardingStats ForwardingRule: allOf: - $ref: '#/definitions/BaseRule' - properties: action: description: | The action to be applied to all the services enum: - ROUTE_TO_UNDERLAY - ROUTE_TO_OVERLAY - ROUTE_FROM_UNDERLAY - ROUTE_FROM_OVERLAY - NAT_FROM_UNDERLAY - NAT_TO_UNDERLAY title: |- Action type: string type: object x-vmw-nsx-module: PolicyForwarding description: | Forwarding rule that determine how to forward traffic from a VM. Traffic from VM can either be routed via Overlay or Underlay when VM is on hybrid port. Additionally NAT can be performed for VM or container on overlay to route traffic to/from underlay ROUTE_TO_UNDERLAY - Access a service on underlay space from a VM connected to hybrid port. Eg access to AWS S3 on AWS underlay ROUTE_TO_OVERLAY - Access a service on overlay space from a VM connected to hybrid port. ROUTE_FROM_UNDERLAY - Access a service hosted on a VM (that is connected to hybrid port) from underlay space. Eg access from AWS ELB to VM ROUTE_FROM_OVERLAY - Access a service hosted on a VM (that is connected to hybrid port) from overlay space NAT_FROM_UNDERLAY - Access a service on overlay VM/container from underlay space using DNAT from underlay IP to overlay IP NAT_TO_UNDERLAY - Access an underlay service from a VM/container on overlay space using SNAT from overlay IP to underlay IP title: |- Forwarding rule x-vmw-nsx-module: PolicyForwarding ForwardingRuleListResult: allOf: - $ref: '#/definitions/BaseRuleListResult' - properties: results: description: |- Rule list results items: $ref: '#/definitions/ForwardingRule' title: |- Rule list results type: array required: - results type: object x-vmw-nsx-module: PolicyForwarding description: |- Paged Collection of ForwardingRules title: |- Paged Collection of ForwardingRules x-vmw-nsx-module: PolicyForwarding ForwardingRuleStatisticsForEnforcementPoint: description: |- Forwarding Rule statistics for a specfic enforcement point. properties: enforcement_point: description: |- Path for a specific enforcement point readOnly: true title: |- Enforcement point path type: string statistics: $ref: '#/definitions/ForwardingRuleStats' title: |- Forwarding Policy Rule statistics for an enforcement point type: object x-vmw-nsx-module: PolicyForwardingStats ForwardingRuleStatisticsListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- ForwardingRuleStatistics list results items: $ref: '#/definitions/ForwardingRuleStatisticsForEnforcementPoint' title: |- ForwardingRuleStatistics list results type: array required: - results type: object x-vmw-nsx-module: PolicyForwardingStats description: |- Paged Collection of Forwarding rule statistics title: |- Paged Collection of Forwarding rule statistics x-vmw-nsx-module: PolicyForwardingStats ForwardingRuleStats: allOf: - $ref: '#/definitions/RuleStatistics' - type: object x-vmw-nsx-module: PolicyForwardingStats description: | FP Rule Statistics. title: |- Forwarding Policy Rule Statistics x-vmw-nsx-module: PolicyForwardingStats FqdnAnalysisConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enabled: default: false description: | Property which specifies the enabling/disabling of the feature. title: |- Enabled type: boolean type: object x-vmw-nsx-module: PolicyUrlCategorization description: | The type contains information about the configuration of the FqdnAnalysis feature for a specific node. title: |- FQDN Analysis feature configuration entity x-vmw-nsx-module: PolicyUrlCategorization FullSyncInfo: description: | Represents details of the last full sync if full sync is not running, otherwise returns the status of current full sync. properties: data_streaming_from_source_end_time: description: |- End time of streaming full state from source format: int64 title: |- End time of streaming full state from source type: integer data_streaming_from_source_progress: description: |- Details about full sync on sender side title: |- Details about full sync on sender side type: string data_streaming_from_source_start_time: description: |- Start time of streaming full state from source format: int64 title: |- Start time of streaming full state from source type: integer end_time: description: |- Full sync end time format: int64 title: |- Full sync end time type: integer errors: description: |- Errors if any items: type: string title: |- Errors if any type: array fullSyncId: description: |- Full sync id title: |- Full sync id type: string reason: description: |- Description of full sync reason title: |- Description of full sync reason type: string reason_code: description: |- Full sync can happen for various internal reasons, as well user can request for one. The code provides the classification of possible reasons to start a full sync. enum: - QUEUE_OVERFLOW_ON_TRANSMITTER - QUEUE_OVERFLOW_ON_RECEIVER - CONNECTION_RESTORED - LM_ONBOARDED - GM_SWITCHOVER - RESTORED_GM_FROM_BACKUP - RESTORED_LM_FROM_BACKUP - BROWNFIELD_CONFIG_MIGRATION_FROM_LM_TO_GM - GM_REQUESTED_OVERSIZED_PAYLOAD - GM_REQUESTED_SITE_ONBOARDING - GM_REQUESTED_OTHER - LM_REQUSTED_OVERSIZED_PAYLOAD - LM_REQUESTED_OTHER - USER_REQUSTED - OTHER_AR_INTERNAL - POST_UPGRADE_GM - POST_UPGRADE_LM - UNKNOWN title: |- Reason code for full sync type: string receiver_end_time: description: |- End time of completing applying full state on receiver side format: int64 title: |- End time of completing applying full state on receiver side type: integer receiver_start_time: description: |- Start time of applying full state on receiver side format: int64 title: |- Start time of applying full state on receiver side type: integer receiver_state: description: | This is optional information, provides useful insights on receiver side once async channel hands over full state data to receiver. title: |- Internal receiver state type: string receiver_time_to_apply_in_millis: description: |- Time taken by application receiver to apply the full state received format: int64 title: |- Time taken by application receiver to apply the full state received type: integer stage: description: | This provides the insights into current full sync stage if in progress. enum: - NOT_STARTED - REQUESTED_FULL_STATE_FROM_SOURCE - TRANSFERRING_FULL_STATE - COMPLETED_TRANSFERRING_FULL_STATE - DESTINATION_APPLYING_FULL_STATE - COMPLETED_SUCCESSFUL - TIMEOUT_ON_SOURCE_RECEIVE_FULL_STATE - TIMEOUT_ON_DESTINATION_APPLY - COMPLETED_FAILED title: |- Current stage details if full sync in progress type: string start_time: description: |- Full sync start time format: int64 title: |- Full sync start time type: integer status: description: |- Full sync status enum: - NOT_STARTED - IN_PROGRESS - COMPLETED title: |- Full sync status type: string warnings: description: |- Errors if any items: type: string title: |- Errors if any type: array title: |- Full sync details for the flow type: object x-vmw-nsx-module: FederationObservability FullSyncState: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: errors: description: | Errors occurred during full sync. items: type: string readOnly: true title: |- Errors occurred during full sync type: array full_sync_id: description: | Full sync id generated by Async Replicator (AR) service. readOnly: true title: |- Full sync id type: string last_completed_stage: description: | The current stage of full sync completion for ongoing sync. When Local Manager (LM) receives full sync data from AR, LM starts with workflow to prserve the state and restore the full sync from where it has left off in case of change of leadership of the service to different NSX node or LM is restarted. LM starts the full sync workflow with state INITIAL capturing the AR full sync id and data location details. The stage/state transition follows the order given below INITIAL - Full sync started PROCESSED_FULLSYNC_DATA - Compelted processing the full state data provided by AR PRCESSED_DELTAS - Completed processing pending delta changes provided by AR. DELETED_STALE_ENTITIES - Completed deletion of all global entities on LM that are not in GM anymore COMPLETED - Full sync handling is completed on LM ERROR - Full sync failed with errors on LM, in which case AR will re-attempt full sync later point in time for the LM ABORTED - Indicates that the full sync cancelled as per user request enum: - INITIAL - PAUSE_DCNS - DELETED_STALE_ENTITIES - PROCESSED_FULLSYNC_DATA - PROCESSED_DELTAS - UNPAUSE_DCNS - COMPLETED - ERROR - ABORTED readOnly: true title: |- Full sync stage that is last completed for this request. type: string last_upate_time: description: |- Deprecated, refer to last_update_time for the last update time stamp. format: int64 readOnly: true type: integer x-deprecated: true last_update_time: description: |- Timestamp of last update, could be progress or success or error. format: int64 readOnly: true type: integer start_time: description: |- Timestamp of Full Sync start. format: int64 readOnly: true type: integer type: object x-vmw-nsx-module: PolicyFullSync description: | Provides FullSync state for Local Manager from Global Manager. title: |- Full sync state x-vmw-nsx-module: PolicyFullSync FullSyncStateListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- FullSync states list. items: $ref: '#/definitions/FullSyncState' title: |- FullSync states list type: array required: - results type: object x-vmw-nsx-module: PolicyFullSync description: |- Paged Collection of FullSync states. title: |- Paged Collection of FullSync states. x-vmw-nsx-module: PolicyFullSync GatewayFloodProtectionProfile: allOf: - $ref: '#/definitions/FloodProtectionProfile' - properties: nat_active_conn_limit: default: 4294967295 description: |- The maximum limit of active NAT connections. This limit only apply to EDGE components (such as, gateway). If this property is omitted, or set to null, then there is no limit on the specific component. Meanwhile there is an implicit limit which depends on the underlying hardware resource. format: int64 maximum: 4294967295 minimum: 1 readOnly: false title: |- Maximum limit of active NAT connections type: integer type: object x-vmw-nsx-module: PolicyProfile x-vmw-nsx-module: PolicyProfile GatewayGeneralSecurityProfile: allOf: - $ref: '#/definitions/GeneralSecurityProfile' - properties: enable_double_flow: default: false description: |- The flag to indicate double flow check is enabled or not. This option applies only to EDGE components. readOnly: false title: |- Flag to indicate double flow check is enabled or not type: boolean type: object x-vmw-nsx-module: PolicyProfile x-vmw-nsx-module: PolicyProfile GatewayPolicy: allOf: - $ref: '#/definitions/Policy' - properties: rules: description: |- Rules that are a part of this SecurityPolicy items: $ref: '#/definitions/Rule' title: |- Rules that are a part of this SecurityPolicy type: array type: object x-vmw-nsx-module: Policy description: |- Contains ordered list of Rules for GatewayPolicy title: |- Contains ordered list of Rules for GatewayPolicy x-vmw-nsx-module: Policy GatewayPolicyListResult: allOf: - $ref: '#/definitions/PolicyListResult' - properties: results: description: |- GatewayPolicy list results items: $ref: '#/definitions/GatewayPolicy' title: |- GatewayPolicy list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- Paged Collection of gateway policies title: |- Paged Collection of gateway policies x-vmw-nsx-module: Policy GatewayQosProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: burst_size: default: 1 description: | Burst size in bytes. format: int32 minimum: 1 title: |- Burst size in bytes type: integer committed_bandwidth: default: 1 description: | Committed bandwidth in both directions specified in Mbps. Bandwidth is limited to line rate when the value configured is greater than line rate. format: int32 minimum: 1 title: |- Committed bandwidth in Mbps type: integer committed_bandwitdth: default: 1 description: | Committed bandwidth in both directions specified in Mbps. Bandwidth is limited to line rate when the value configured is greater than line rate. This property is deprecated, use committed_bandwidth instead. format: int32 minimum: 1 title: |- Committed bandwidth in Mbps type: integer x-deprecated: true excess_action: description: | Action on traffic exceeding bandwidth. enum: - DROP title: |- Action on traffic exceeding bandwidth. type: string type: object x-vmw-nsx-module: PolicyConnectivity description: | QoS profile contains configuration of rate limiting properties which can be applied in ingress and egress directions at Tier1 gateways title: |- QoS configuration of Tier1 gateway x-vmw-nsx-module: PolicyConnectivity GatewayQosProfileConfig: description: |- Gateway QoS profile configuration properties: egress_qos_profile_path: description: | Policy path to gateway QoS profile in egress direction. title: |- Egress QoS profile type: string ingress_qos_profile_path: description: | Policy path to gateway QoS profile in ingress direction. title: |- Ingress QoS profile type: string title: |- Gateway QoS profile configuration type: object x-vmw-nsx-module: PolicyConnectivity GatewayQosProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paginated list of GatewayQosProfile items: $ref: '#/definitions/GatewayQosProfile' title: |- Paginated list of GatewayQosProfile type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity GatewayRouteCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: admin_distance: description: |- The admin distance of the next hop format: int64 title: |- The admin distance of the next hop type: integer edge_path: description: | Edge node policy path. readOnly: true title: |- Edge path type: string interface: description: |- The policy path of the interface which is used as the next hop title: |- The policy path of the interface which is used as the next hop type: string lr_component_id: description: |- Logical router component(Service Router/Distributed Router) id title: |- Logical router component(Service Router/Distributed Router) id type: string lr_component_type: description: |- Logical router component(Service Router/Distributed Router) type title: |- Logical router component(Service Router/Distributed Router) type type: string network: description: |- CIDR network address format: ip-cidr-block type: string next_hop: description: |- The IP of the next hop format: ip type: string route_type: description: |- Route type (USER, CONNECTED, NSX_INTERNAL,..) title: |- Route type (USER, CONNECTED, NSX_INTERNAL,..) type: string required: - route_type - network type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics GatewayRouteTableInCsvFormat: allOf: - $ref: '#/definitions/CsvListResult' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/GatewayRouteCsvRecord' type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics GeneralSecurityProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: resource_type: description: | GatewayGeneralSecurityProfile is used for all Tier0 and Tier1 gateways. enum: - GatewayGeneralSecurityProfile type: string required: - resource_type type: object x-vmw-nsx-module: PolicyProfile description: |- A profile holding general security settings. title: |- General Security profile x-vmw-nsx-module: PolicyProfile GeneralSecurityProfileBindingMap: allOf: - $ref: '#/definitions/ProfileBindingMap' - type: object x-vmw-nsx-module: PolicyProfile description: | This entity will be used to establish association between General Security profile and Logical Routers. title: |- Policy General Security profile binding map x-vmw-nsx-module: PolicyProfile GenericDhcpOption: description: |- Define DHCP options other than option 121. properties: code: description: |- Code of the dhcp option. format: int64 maximum: 255 minimum: 0 title: |- DHCP option code, [0-255] type: integer values: description: |- Value of the option. items: type: string maxItems: 10 minItems: 1 title: |- DHCP option value type: array required: - code - values title: |- Generic DHCP option type: object x-vmw-nsx-module: Dhcp GenericPolicyRealizedResource: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: enforcement_point_path: description: |- The path of the enforcement point. readOnly: true title: |- Enforcement Point Path type: string entity_type: description: |- Type of realized entity readOnly: true title: |- Type of realized entity type: string extended_attributes: description: |- Collection of type specific properties items: $ref: '#/definitions/AttributeVal' readOnly: true title: |- Collection of type specific properties type: array intent_paths: description: |- Collection of intent paths items: type: string readOnly: true title: |- Collection of intent paths type: array site_path: description: |- The site where this entity resides. readOnly: true title: |- Site Path type: string type: object x-vmw-nsx-module: PolicyRealizedState description: |- Represents realized entity title: |- Generic realized entity x-vmw-nsx-module: PolicyRealizedState GenericPolicyRealizedResourceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of realized resources items: $ref: '#/definitions/GenericPolicyRealizedResource' title: |- Paged Collection of GenericPolicyRealizedResources type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- GenericPolicyRealizedResource list result title: |- GenericPolicyRealizedResource list result x-vmw-nsx-module: PolicyRealizedState GlobalCollectorConfig: description: | The GlobalCollectorConfig is the base class for global collector configurations for different types in a NSX domain. discriminator: collector_type properties: collector_ip: description: |- IP address for the global collector. format: ip type: string collector_port: description: |- Port for the global collector. format: int32 maximum: 65535 minimum: 0 title: |- Port for the global collector type: integer collector_type: description: |- Specify the global collector type. enum: - VRNI - WAVE_FRONT type: string required: - collector_port - collector_type - collector_ip title: |- Abstract base type for Global collector configurations of different types type: object x-vmw-nsx-module: Policy GlobalConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: allow_changing_vdr_mac_in_use: default: false description: |- When this flag is set to true, it is allowed to change the VDR MAC being used by existing transport nodes in a NSX system. The VDR MAC used by a host switch in a transport node is decided by the OVERLAY transport zone(s) which the host switch joins. If any of the OVERLAY transport zone(s) has "nested_nsx" property set to true, the MAC in "vdr_mac_nested" is used; otherwise the MAC in "vdr_mac" is used. Thus the VDR MAC being used by a host switch in a transport node can be changed in below ways. If the host switch is not in any OVERLAY transport zone whose "nested_nsx" property is true but is in an OVERLAY transport zone, the first way is updating the "vdr_mac" property. The 2nd way is updating one of the OVERLAY tranport zones joined by the host switch to set "nested_nsx" property true which will make the host switch use the VDR MAC in "vdr_mac_nested". The third way is directly updating the transport node to add an OVERLAY transport zone whose "nested_nsx" property is true into the host switch which will also make the host switch use the VDR MAC in "vdr_mac_nested". If the host switch is in some OVERLAY transport zone(s) whose "nested_nsx" property is true, the first way is updating the "vdr_mac_nested" property. The 2nd way is updating all those OVERLAY tranport zones to set "nested_nsx" property false which will make the host switch use the VDR MAC in "vdr_mac". The third way is directly updating the transport node to remove all those OVERLAY transport zones from the host switch which will also make the host switch use the VDR MAC in "vdr_mac". Please note that changing the VDR MAC being used by existing transport nodes will most likely cause traffic disruption and network outage! title: |- A flag to indicate if changing the VDR MAC being used is allowed type: boolean arp_limit_per_gateway: description: | Global configuration of maximum number of ARP entries per transport node at each Tier0/Tier1 gateway. format: int32 maximum: 50000 minimum: 5000 title: |- ARP limit per Tier0/Tier1 gateway type: integer external_gateway_bfd: $ref: '#/definitions/ExternalGatewayBfdConfig' fips: $ref: '#/definitions/FIPSGlobalConfig' global_replication_mode_enabled: default: false description: |- When this flag is set true, certain types of BUM packets will be sent to all VTEPs in the global VTEP table, ignoring the logical switching span. title: |- A flag to indicate if global replication mode is enabled type: boolean l3_forwarding_mode: default: IPV4_ONLY description: | Configure forwarding mode for routing. This setting does not restrict configuration for other modes. enum: - IPV4_ONLY - IPV4_AND_IPV6 title: |- L3 forwarding mode type: string lb_ecmp: default: false description: | Flag to enable/disable ECMP load balancing. By default ECMP load balancing is disabled. title: |- Flag for controlling equal-cost multi-path(ECMP) load balancing. type: boolean mtu: description: | Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit. This is the global default MTU for all the EXTERNAL (uplink) and SERVICE (CSP) interfaces in the NSX domain. There is no option to override this value at the transport zone level or transport node level. format: int32 minimum: 1280 title: |- MTU size type: integer operation_collectors: description: | This property is a part of OpsGlobalConfig object. Use /infra/ops-global-config instead. The VRNI and WAVE_FRONT collector type can be defined to collect the metric data. The WAVE_FRONT collector type can only be used in VMC mode. items: $ref: '#/definitions/GlobalCollectorConfig' title: |- Operation global collector config type: array x-deprecated: true physical_uplink_mtu: default: 1700 description: |- This is the global default MTU for all the physical uplinks in a NSX domain. This is the default value for the optional uplink profile MTU field. When the MTU value is not specified in the uplink profile, this global value will be used. This value can be overridden by providing a value for the optional MTU field in the uplink profile. Whenever this value is updated, the updated value will only be propagated to the uplinks that don't have the MTU value in their uplink profiles. If this value is not set, the default value of 1700 will be used. The Transport Node state can be monitored to confirm if the updated MTU value has been realized. format: int32 readOnly: false title: |- MTU for the physical uplinks type: integer remote_tunnel_physical_mtu: default: 1700 description: |- This is the global default MTU for all the physical remote tunnel endpoints in an NSX domain. Please consider intersite link MTU minus any external overhead when defining the MTU. If this value is not set, the default value of 1500 will be used. format: int32 readOnly: false title: |- The physical MTU for the remote tunnel endpoints type: integer uplink_mtu_threshold: default: 9000 description: |- This value defines the upper threshold for the Maximum Transmission Unit (MTU) value that can be configured at a physical uplink level or a logical routing uplink level in a NSX domain. All Uplink profiles validate against this value so that the MTU specified in an Uplink profile does not exceed this global upper threshold. Similarly, when this value is modified, the new value must be greater than or equal to any existing Uplink profile's MTU. format: int32 title: |- Upper threshold for MTU on physical and logical uplinks type: integer vdr_mac: default: 02:50:56:56:44:52 description: |- This is the global default MAC address for all VDRs in all transport nodes in a NSX system. It can be changed only when there is no transport node in the NSX system. This value cannot be same as vdr_mac_nested. When the property "allow_changing_vdr_mac_in_use" is false, it can not be changed if the current VDR MAC is being used by any transport node. A transport node uses this VDR MAC if any host switch in the node is in OVERLAY transport zone(s) but none of the transport zone(s) has "nested_nsx" property being true. format: mac-address type: string vdr_mac_nested: default: 02:50:56:56:44:53 description: |- This is the global default MAC address for all VDRs in all transport nodes in a NSX system nested in another NSX system. It can be changed only when there is no transport node in the NSX system. All transport zones in such a nested NSX system will have the "nested_nsx" property being true so that all transport nodes will use this MAC for the VDR ports to avoid conflict with the VDR MAC in the outer NSX system. When the property "allow_changing_vdr_mac_in_use" is false, it can not be changed if the current VDR MAC is being used by any transport node in a nested NSX environment. A transport node uses this VDR MAC if any host switch in the node is in an OVERLAY transport zone whose "nested_nsx" property is true. format: mac-address type: string type: object x-vmw-nsx-module: Policy description: |- Global configuration title: |- Global configuration x-vmw-nsx-module: Policy GlobalIdsSignature: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: action: description: | It denotes the global action of a IDS Signature. This will take precedence over IDS signature's action. enum: - ALERT - DROP - REJECT title: |- Global IDS signature's action type: string enable: default: true description: | Flag through which user can Enable/Disable a Signature at Global Level. title: |- Flag to Enable/Disable a IDS Signature globally. type: boolean signature_id: description: | Represents the Signature's id. title: |- Signature ID type: string required: - signature_id type: object x-vmw-nsx-module: PolicyIDS description: | Global IDS signature. title: |- Global IDS signature x-vmw-nsx-module: PolicyIDS GlobalIdsSignatureListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Global IDS signature list results items: $ref: '#/definitions/GlobalIdsSignature' title: |- Global IDS signature list results type: array required: - results type: object x-vmw-nsx-module: PolicyIDS description: |- Paged collection of Global IDS signatures title: |- Paged collection of Global IDS signatures x-vmw-nsx-module: PolicyIDS GlobalManager: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: connection_info: description: | To create a standby GM, the connection information (username, password, and API thumbprint) for at least one NSX manager node in the remote site must be provided. Once the GM has been successfully onboarded, the connection_info is discarded and authentication to the standby GM occurs using an X.509 client certificate. items: $ref: '#/definitions/SiteNodeConnectionInfo' maxItems: 3 title: |- Connection information type: array fail_if_rtt_exceeded: default: true description: | Fail onboarding if maximum RTT exceeded. title: |- Fail onboarding if maximum RTT exceeded type: boolean federation_id: description: | Internally generated UUID to the federation of Global Manager. readOnly: true title: |- Global manager federation UUID type: string maximum_rtt: default: 250 description: | If provided and fail_if_rtt_exceeded is true, onboarding of the site will fail if measured RTT is greater than this value. format: int64 maximum: 1000 minimum: 0 title: |- Maximum acceptable packet round trip time (RTT) type: integer mode: description: | There can be at most one ACTIVE global manager and one STANDBY global manager. In order to add a STANDBY manager, there must be an ACTIVE manager defined. enum: - ACTIVE - STANDBY title: |- Mode of the global manager type: string site_id: description: | UUID of the site where Global manager is running. This is the Site Manager generated UUID for every NSX deployment. readOnly: true title: |- UUID of the site where Global manager is running type: string required: - mode type: object x-vmw-nsx-module: PolicySiteGM description: | Global Manager. title: |- Global Manager x-vmw-nsx-module: PolicySiteGM GlobalManagerConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: rtep_config: $ref: '#/definitions/GmRtepConfig' type: object x-vmw-nsx-module: PolicySiteGM description: | This configuration is distributed to all Sites participating in federation. title: |- Global Manager configuration x-vmw-nsx-module: PolicySiteGM GlobalManagerListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Global Manager List Result. items: $ref: '#/definitions/GlobalManager' title: |- Global Manager List Result type: array required: - results type: object x-vmw-nsx-module: PolicySiteGM description: |- Paged Collection of Global Managers. title: |- Paged Collection of Global Managers x-vmw-nsx-module: PolicySiteGM GlobalManagerSwitchOverRequestParameter: description: | Parameter to force switch over from Standby to Active. properties: force: description: | If true indicates that user requested make standby Global Manager as active ignoring the state of current active Global Manager. Typically, recommended to use when active Global Manager is failed or not reachable. title: |- Indciates force switchover to Active type: boolean title: |- Parameter to force switchover type: object x-vmw-nsx-module: PolicySiteGM GlobalRestoreStatus: description: |- Overall restore process status properties: description: description: |- A description of the restore status readOnly: true title: |- A description of the restore status type: string value: description: |- Global rolled-up restore status value enum: - INITIAL - SUCCESS - FAILED - RUNNING - SUSPENDED_BY_USER - SUSPENDED_FOR_USER_ACTION - SUSPENDED - ABORTED readOnly: true title: |- Global rolled-up restore status value type: string title: |- Overall restore process status type: object x-vmw-nsx-module: ClusterRestore GmFederationSiteConfig: description: |- Additional configuration required for federation at Site. properties: transit_subnet: description: | IP Addresses to be allocated for transit segment when the gateway is stretched. Note that Global Manager will carve out the IP Pool for each site to be used for edge nodes when gateway is stretched based on the user provided subnet and maximum number of edge nodes allowed per site. format: ip-cidr-block title: |- Transit subnet in CIDR format type: string title: |- Federation configuration for the site type: object x-vmw-nsx-module: PolicyEnforcementPointManagement GmRtepConfig: description: | Global Manager federation RTEP configuration. This configuration is distributed to all Sites participating in federation. properties: ibgp_password: description: | Password to authenticate IBGP session between remote tunnel endpoints created on federated sites. This is applied to inter-site underlay IBGP neighbors created over remote tunnel endpoints on all sites. Empty string ("") clears existing password. maxLength: 20 title: |- Password for IBGP sessions between federated sites type: string title: |- Global Manager federation RTEP configuration type: object x-vmw-nsx-module: PolicySiteGM GraphConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - properties: axes: $ref: '#/definitions/Axes' display_x_value: default: false description: |- If true, value of a point is shown as label on X axis. If false, value of point is not shown as label on X axis. false can be useful in situations where there are too many points and showing the X value as label can clutter the X axis. title: |- Show or hide the value of a point on X axis type: boolean graphs: description: |- Graphs items: $ref: '#/definitions/GraphDefinition' minItems: 1 title: |- Graphs type: array graphs_colors: description: |- An array of graphs colors which will be applied to each graph seperately. if number of provided colors are smaller than number of graph in the widget then colors are applied in circular manner. items: type: string title: |- A colors for the graph type: array line_chart_plot_configs: description: |- List of line chart plotting configuration. This plotting configuration will be applicable for the LINE_GRAPH only. items: $ref: '#/definitions/LineChartPlotConfiguration' title: |- List of line chart plotting configuration type: array navigation: description: |- Hyperlink of the specified UI page that provides details. title: |- Navigation to a specified UI page type: string sub_type: default: BAR_GRAPH description: |- Describes the the type of graph. LINE_GRAPH shows a line graph chart BAR_GRAPH shows a simple bar graph chart STACKED_BAR_GRAPH shows a stacked bar graph chart enum: - LINE_GRAPH - BAR_GRAPH - STACKED_BAR_GRAPH title: |- Subtype of a graph type: string x_value_type: default: string description: |- x value type. enum: - string - number - date - millisecond - second title: |- x value type type: string y_value_type: description: |- y value type. enum: - integer - double title: |- y value type type: string required: - graphs type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration of a graph widget title: |- Graph Configuration x-vmw-nsx-module: NsxDashboard GraphDefinition: description: |- Defines a graph properties: id: description: |- Identifier of graph. It can be used to differentiate multiple graph series present in GraphWidgetConfiguration. title: |- Identifier of graph type: string label: $ref: '#/definitions/Label' point_definition: $ref: '#/definitions/PointDefinition' render_configuration: description: |- Additional rendering or conditional evaluation of the field values to be performed, if any. items: $ref: '#/definitions/RenderConfiguration' minItems: 0 title: |- Render Configuration type: array row_list_field: description: |- An expression that represents the series of the graph title: |- Expression for series of the graph type: string required: - point_definition title: |- Definition of a graph type: object x-vmw-nsx-module: NsxDashboard GridConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - properties: columns: description: |- Array of columns of a Grid widget items: $ref: '#/definitions/ColumnItem' title: |- Columns type: array page_size: default: 30 description: |- Number of records per page. page_size will be effective only when the urls provided in the datasource support paging. format: int32 title: |- Page Size type: integer row_list_fields: description: |- Rows of grid or table are formed from the list of objects returned by a row list field. items: $ref: '#/definitions/RowListField' minItems: 1 title: |- List of fields from which rows are formed type: array required: - row_list_fields - columns type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration of a Grid or Table widget. title: |- Grid Configuration x-vmw-nsx-module: NsxDashboard Group: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: expression: description: | The expression list must follow below criteria: 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all non-conjunction expressions must be at even indices, separated by a conjunction expression at odd indices. 2. The total of ConditionExpression and NestedExpression in a list should not exceed 5. 3. The total of IPAddressExpression, MACAddressExpression, external IDs in an ExternalIDExpression and paths in a PathExpression must not exceed 500. 4. Each expression must be a valid Expression. See the definition of the Expression type for more information. items: $ref: '#/definitions/Expression' title: |- Expression type: array extended_expression: description: | Extended Expression allows additional higher level context to be specified for grouping criteria. (e.g. user AD group) This field allow users to specified user context as the source of a firewall rule for IDFW feature. Current version only support a single IdentityGroupExpression. In the future, this might expand to support other conjunction and non-conjunction expression. The extended expression list must follow below criteria: 1. Contains a single IdentityGroupExpression. No conjunction expression is supported. 2. No other non-conjunction expression is supported, except for IdentityGroupExpression. 3. Each expression must be a valid Expression. See the definition of the Expression type for more information. 4. Extended expression are implicitly AND with expression. 5. No nesting can be supported if this value is used. 6. If a Group is using extended expression, this group must be the only member in the source field of an communication map. items: $ref: '#/definitions/Expression' maxItems: 1 title: |- Extended Expression type: array group_type: description: | Group type can be specified during create and update of a group. Empty group type indicates a 'generic' group, ie group can include any entity from the valid GroupMemberType. items: description: |- ANTREA group type includes IPAddress, Pod, NameSpace and Service group member types. enum: - IPAddress - ANTREA type: string maxItems: 1 title: |- Indicates the group type. type: array reference: default: false description: | If true, indicates that this is a remote reference group. Such group will have span different from the its parent domain. Default value is false. readOnly: true title: |- Indicates if the group is a reference. type: boolean state: description: |- Realization state of this group enum: - IN_PROGRESS - SUCCESS - FAILURE title: |- Realization state of this group type: string type: object x-vmw-nsx-module: Policy description: |- Group. title: |- Group x-vmw-nsx-module: Policy GroupDiscoveryProfileBindingMap: allOf: - $ref: '#/definitions/ProfileBindingMap' - properties: sequence_number: description: | Sequence number used to resolve conflicts betweeen two profiles applied on the same group. Lower sequence number takes higher precedence. Two binding maps applied to the same profile must have the same sequence number. User defined sequence numbers range from 1 through 100,000. System defined sequence numbers range from 100,001 through 200,000. format: int64 maximum: 100000 minimum: 1 title: |- Sequence number group discovery profile Binding Map type: integer type: object x-vmw-nsx-module: PolicyDiscoveryProfileBinding description: | This entity will be used to establish association between discovery profile and Group. With this entity, user can specify intent for applying discovery profile profile to particular Group. title: |- Map for binding group with discovery profile x-vmw-nsx-module: PolicyDiscoveryProfileBinding GroupDiscoveryProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Group Discovery Profile Binding Map List Results items: $ref: '#/definitions/GroupDiscoveryProfileBindingMap' title: |- Group Discovery Profile Binding Map List Results type: array type: object x-vmw-nsx-module: PolicyDiscoveryProfileBinding description: |- Paged collection of Group Discovery Profile Binding Map title: |- Paged collection of Group Discovery Profile Binding Map x-vmw-nsx-module: PolicyDiscoveryProfileBinding GroupInfo: description: |- GroupInfo contains information about a particular Group used in Redirection Rules. It also contains information about policy path, if the group is created from Policy. properties: group: $ref: '#/definitions/ResourceReference' group_policy_path: description: |- Policy path of a particular Group. readOnly: true title: |- Policy path of Group type: string title: |- GroupInfo type: object x-vmw-nsx-module: PolicyServiceInsertion GroupListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Group list results items: $ref: '#/definitions/Group' title: |- Group list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- Paged Collection of Groups title: |- Paged Collection of Groups x-vmw-nsx-module: Policy GroupMemberList: description: |- List of same type members to either add or remove from a group. properties: members: description: |- This array contains group members of similar types. items: type: string maxItems: 4000 minItems: 1 title: |- Groups members collection type: array required: - members title: |- Members to add or remove for a Group. type: object x-vmw-nsx-module: Policy GroupMemberTagsList: description: | Collection of tags used in a policy group for a particular member type properties: member_type: description: |- Member type for which we will list the tags title: |- Member type for which we will list the tags type: string tags: description: |- List of tags for the member type items: type: string title: |- List of tags for the member type type: array required: - member_type - tags title: |- Group tags list for a particular member type type: object x-vmw-nsx-module: PolicyGroupRealization GroupMemberTypeListResult: properties: result_count: description: |- Count of the member types in the results array format: int64 readOnly: true title: |- Count of the member types in the results array type: integer results: description: |- Collection of member types for the given Group items: description: |- Valid Group member type enum: - VirtualMachine - VirtualNetworkInterface - SegmentPort - Segment - CloudNativeServiceInstance - IPAddress - MACAddress - IPSet - IdentityGroup - PhysicalServer - Pod - Service - Namespace - Cluster - TransportNode - Group - DVPG - DVPort type: string title: |- Collection of member types for the given Group type: array required: - results type: object x-vmw-nsx-module: Policy GroupMonitoringProfileBindingMap: allOf: - $ref: '#/definitions/MonitoringProfileBindingMap' - properties: ipfix_dfw_profile_path: description: |- PolicyPath of associated IPFIX DFW Profile title: |- IPFIX DFW Profile Path type: string ipfix_l2_profile_path: description: |- PolicyPath of associated IPFIX L2 Profile title: |- IPFIX L2 Profile Path type: string port_mirroring_profile_path: description: |- PolicyPath of associated Port Mirroring Profile title: |- Port Mirroring Profile Path type: string type: object x-vmw-nsx-module: PolicyMonitoringProfileBinding description: | This entity will be used to establish association between monitoring profile and Group. Using this entity, you can specify intent for applying monitoring profile to particular Group. Group with membership criteria vm only supported as source group. Port mirroring is only supported on group with five vms. title: |- Group Monitoring Profile binding map x-vmw-nsx-module: PolicyMonitoringProfileBinding GroupMonitoringProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Group Monitoring Profile Binding Map list results items: $ref: '#/definitions/GroupMonitoringProfileBindingMap' title: |- Group Monitoring Profile Binding Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyMonitoringProfileBinding description: |- Paged collection of Group Monitoring Profile Binding Maps title: |- Paged collection of Group Monitoring Profile Binding Maps x-vmw-nsx-module: PolicyMonitoringProfileBinding GroupTagsList: description: | Collection of tags used in a policy group listed per member type properties: results: description: |- Collection of tags used in a policy group listed per member type items: $ref: '#/definitions/GroupMemberTagsList' title: |- Collection of tags used in a policy group listed per member type type: array required: - results title: |- Group tags list listed per member type type: object x-vmw-nsx-module: PolicyGroupRealization GuestInfo: description: | Guest virtual machine details include OS name and computer name of guest VM. properties: computer_name: description: | Computer name of guest virtual machine, which is set inside guest OS. Currently this is supported for guests on ESXi that have VMware Tools installed. readOnly: true title: |- Computer name type: string os_name: description: | OS name of guest virtual machine. Currently this is supported for guests on ESXi that have VMware Tools installed. readOnly: true title: |- OS name type: string title: |- Guest virtual machine details type: object x-vmw-nsx-module: Inventory Header: description: |- Header of a widget that provides additional information. This will be shown at the container level. It includes details as label value pairs. properties: condition: description: |- If the condition is met then the header will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API. maxLength: 1024 title: |- Expression for evaluating condition type: string content_alignment: default: RIGHT description: |- Alignment of header labels. enum: - LEFT - RIGHT title: |- alignment for labelvalue pair type: string sub_header_widgets: description: |- An array of widgets which will appear inside the container header Instead of 'sub_headers' property use this property. items: $ref: '#/definitions/WidgetItem' minItems: 0 title: |- An array of widgets inside the container header type: array sub_headers: description: |- An array of label-value properties. This field is deprecated instead used 'sub_header_widgets' property to define header widgets. items: $ref: '#/definitions/PropertyItem' minItems: 0 title: |- Rows type: array x-deprecated: true title: |- Widget Header type: object x-vmw-nsx-module: NsxDashboard HeatMapTransportNodesAggregateStatus: properties: degraded_count: description: |- Number of transport nodes that are degraded format: int32 title: |- Number of transport nodes that are degraded type: integer down_count: description: |- Number of transport nodes that are down format: int32 title: |- Number of transport nodes that are down type: integer unknown_count: description: |- Number of transport nodes with unknown status format: int32 title: |- Number of transport nodes with unknown status type: integer up_count: description: |- Number of transport nodes that are up format: int32 title: |- Number of transport nodes that are up type: integer type: object x-vmw-nsx-module: Heatmap HeatMapTransportZoneStatus: properties: degraded_count: description: |- Number of transport nodes that are degraded format: int32 title: |- Number of transport nodes that are degraded type: integer down_count: description: |- Number of transport nodes that are down format: int32 title: |- Number of transport nodes that are down type: integer unknown_count: description: |- Number of transport nodes with unknown status format: int32 title: |- Number of transport nodes with unknown status type: integer up_count: description: |- Number of transport nodes that are up format: int32 title: |- Number of transport nodes that are up type: integer type: object x-vmw-nsx-module: Heatmap HostInfraTrafficType: description: | The traffic_name specifies the infrastructure traffic type and it must be one of the following system-defined types: FAULT_TOLERANCE is traffic for failover and recovery. HBR is traffic for Host based replication. ISCSI is traffic for Internet Small Computer System Interface. MANAGEMENT is traffic for host management. NFS is traffic related to file transfer in network file system. VDP is traffic for vSphere data protection. VIRTUAL_MACHINE is traffic generated by virtual machines. VMOTION is traffic for computing resource migration. VSAN is traffic generated by virtual storage area network. The dynamic_res_pool_name provides a name for the resource pool. It can be any arbitrary string. Either traffic_name or dynamic_res_pool_name must be set. If both are specified or omitted, an error will be returned. properties: dynamic_res_pool_name: description: |- Dynamic resource pool traffic name title: |- Dynamic resource pool traffic name type: string traffic_name: description: |- Traffic types enum: - FAULT_TOLERANCE - HBR - ISCSI - MANAGEMENT - NFS - VDP - VIRTUAL_MACHINE - VMOTION - VSAN title: |- Traffic types type: string title: |- Enumerate all types of traffic type: object x-vmw-nsx-module: NiocProfile HostNodeLoginCredential: description: |- The credentials to login into the host node properties: password: description: |- The authentication password of the host node title: |- The authentication password of the host node type: string thumbprint: description: | For ESXi hosts, the thumbprint of the ESXi management service. For KVM hosts, the SSH key fingerprint. If thumbprint is not provided then connection to host may not be established and API call will fail. title: |- ESXi thumbprint or SSH key fingerprint of the host node type: string username: description: |- The username of the account on the host node title: |- The username of the account on the host node type: string title: |- The credentials to login into the host node type: object x-vmw-nsx-module: FabricNode HostSwitchProfileTypeIdEntry: properties: key: description: |- Supported HostSwitch profiles. enum: - UplinkHostSwitchProfile - LldpHostSwitchProfile - NiocProfile - ExtraConfigHostSwitchProfile type: string value: description: |- key value readOnly: false type: string required: - value type: object x-vmw-nsx-module: BaseHostSwitchProfile HostSwitchSpec: description: | The HostSwitchSpec is the base class for standard and preconfigured host switch specifications. discriminator: resource_type properties: resource_type: enum: - StandardHostSwitchSpec - PreconfiguredHostSwitchSpec type: string required: - resource_type title: |- Abstract base type for transport node host switch specification type: object x-vmw-nsx-module: TransportNode HostSwitchState: description: |- Host Switch State properties: endpoints: description: |- List of virtual tunnel endpoints which are configured on this switch items: $ref: '#/definitions/Endpoint' readOnly: true title: |- List of virtual tunnel endpoints which are configured on this switch type: array host_switch_id: description: |- External ID of the HostSwitch readOnly: true title: |- External ID of the HostSwitch type: string host_switch_name: description: |- The name must be unique among all host switches specified in a given Transport Node. readOnly: true title: |- HostSwitch name. This name will be used to reference this HostSwitch. type: string host_switch_type: default: NVDS description: |- VDS represents VMware vSphere Distributed Switch from vSphere that is used as HostSwitch through TransportNode or TransportNodeProfile configuration. When VDS is used as a HostSwitch, Hosts have to be added to VDS from vSphere and VDS instance is created on Hosts. To configure NSX on such hosts, you can use this VDS as a HostSwitch from NSX manager. vCenter has the ownership of MTU, LAG, NIOC and LLDP configuration of such VDS backed HostSwitch. Remaining configuration (e.g. UplinkHostswitchProfile) will be managed by NSX. NVDS represents NSX Virtual Switch which is NSX native HostSwitch. All configurations of NVDS will be managed by NSX. enum: - NVDS - VDS title: |- Type of HostSwitch type: string transport_zone_ids: description: |- List of Ids of TransportZones this HostSwitch belongs to items: type: string readOnly: true title: |- List of Ids of TransportZones this HostSwitch belongs to type: array title: |- Host Switch State type: object x-vmw-nsx-module: TransportNode HostTransportNode: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: discovered_node_id_for_create: description: | Specify discovered node id to create Host Transport Node for Discovered Node. This field is required during Host Transport Node create from vCenter server managing the ESXi type HostNode. No need to provide node_deployment_info while creating Host Transport Node for Discovered Node. If both node_deployment_info and discovered_node_id_for_create provided during Host TransportNode create payload then it will create Host Transport Node from the discovered node id provided in this field. readOnly: false title: |- Discovered node id to create Host Transport Node type: string host_switch_spec: $ref: '#/definitions/HostSwitchSpec' is_overridden: description: | This flag is relevant to only those hosts which are part of a compute collection which has transport node profile (TNP) applied on it. If you change the transport node configuration and it is different than cluster level TNP then this flag will be set to true. readOnly: true title: |- Indicates if config is different than compute collection. type: boolean maintenance_mode: description: |- The property is read-only, used for querying result. User could update transport node maintenance mode by UpdateTransportNodeMaintenanceMode call. enum: - ENABLED - FORCE_ENABLED - DISABLED readOnly: true title: |- transport node maintenance mode desired state type: string node_deployment_info: $ref: '#/definitions/FabricHostNode' type: object x-vmw-nsx-module: PolicyHostTransportNode description: |- Host Transport Node title: |- Host Transport Node x-vmw-nsx-module: PolicyHostTransportNode HostTransportNodeCollection: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: compute_collection_id: description: |- Compute collection id title: |- Compute collection id type: string has_nvds: description: |- Flag indicating if applied profile has NVDS title: |- Flag indicating if applied profile has NVDS type: boolean transport_node_profile_id: description: |- Transport Node Profile ID title: |- Transport Node Profile ID type: string required: - compute_collection_id type: object x-vmw-nsx-module: HostTransportNodeCollection description: |- Entity to indicate relation between Compute collection and Transport node template. title: |- Compute collection transport node template x-vmw-nsx-module: HostTransportNodeCollection HostTransportNodeCollectionListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Transport Node collection results items: $ref: '#/definitions/HostTransportNodeCollection' readOnly: true title: |- Transport Node collection results type: array type: object x-vmw-nsx-module: HostTransportNodeCollection description: |- Transport Node collections list result title: |- Transport Node collections list result x-vmw-nsx-module: HostTransportNodeCollection HostTransportNodeListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Host TransportNode Results items: $ref: '#/definitions/HostTransportNode' readOnly: true title: |- Host TransportNode Results type: array type: object x-vmw-nsx-module: PolicyHostTransportNode description: |- Host Transport Node queries result title: |- Host Transport Node queries result x-vmw-nsx-module: PolicyHostTransportNode ICMPTypeServiceEntry: allOf: - $ref: '#/definitions/ServiceEntry' - properties: icmp_code: description: |- ICMP message code format: int64 maximum: 255 minimum: 0 title: |- ICMP message code type: integer icmp_type: description: |- ICMP message type format: int64 maximum: 255 minimum: 0 title: |- ICMP message type type: integer protocol: enum: - ICMPv4 - ICMPv6 type: string required: - protocol type: object x-vmw-nsx-module: Policy description: |- A ServiceEntry that represents IPv4 or IPv6 ICMP protocol title: |- A ServiceEntry that represents IPv4 or IPv6 ICMP protocol x-vmw-nsx-module: Policy IGMPTypeServiceEntry: allOf: - $ref: '#/definitions/ServiceEntry' - type: object x-vmw-nsx-module: Policy description: |- A ServiceEntry that represents IGMP protocol title: |- A ServiceEntry that represents IGMP protocol x-vmw-nsx-module: Policy IPAddressExpression: allOf: - $ref: '#/definitions/Expression' - properties: ip_addresses: description: |- This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64". items: description: | IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64" format: address-or-block-or-range type: string maxItems: 4000 minItems: 1 title: |- Array of IP addresses type: array required: - ip_addresses type: object x-vmw-nsx-module: Policy description: |- Represents IP address expressions in the form of an array, to support addition of IP addresses in a group. Avoid creating groups with multiple IPAddressExpression. In future releases, group will be restricted to contain a single IPAddressExpression. To group IPAddresses, use nested groups instead of multiple IPAddressExpressions. title: |- IP address expression node x-vmw-nsx-module: Policy IPAddressList: description: |- Collection of IP Addresses. properties: ip_addresses: description: |- The array contains IP addresses. items: description: | IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64" format: address-or-block-or-range type: string maxItems: 4000 minItems: 1 title: |- Array of IP addresses type: array required: - ip_addresses title: |- IP Address collection. type: object x-vmw-nsx-module: Policy IPAddresses: properties: ip_addresses: description: |- The IP addresses in the form of IP Address, IP Range, CIDR, used as source IPs or destination IPs of filters. items: description: | IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64" format: address-or-block-or-range type: string minItems: 1 title: |- IPs of the filter type: array type: object x-vmw-nsx-module: PortMirroring IPDiscoveryProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: arp_nd_binding_timeout: default: 10 description: | This property controls the ARP and ND cache timeout period. It is recommended that this property be greater than the ARP/ND cache timeout on the VM. format: int32 maximum: 120 minimum: 5 title: |- ARP and ND cache timeout (in minutes) type: integer duplicate_ip_detection: $ref: '#/definitions/DuplicateIPDetectionOptions' ip_v4_discovery_options: $ref: '#/definitions/IPv4DiscoveryOptions' ip_v6_discovery_options: $ref: '#/definitions/IPv6DiscoveryOptions' tofu_enabled: default: true description: |- Indicates whether "Trust on First Use(TOFU)" paradigm is enabled. title: |- Is TOFU enabled or not type: boolean type: object x-vmw-nsx-module: PolicyIpDiscovery description: |- Using this profile to configure different options of IP Discovery title: |- IP Discovery Profile x-vmw-nsx-module: PolicyIpDiscovery IPDiscoveryProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IP Discovery profile list results items: $ref: '#/definitions/IPDiscoveryProfile' title: |- IP Discovery profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyIpDiscovery description: |- Paged collection of IP Discovery Profiles title: |- Paged collection of IP Discovery Profiles x-vmw-nsx-module: PolicyIpDiscovery IPFIXDFWCollector: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: collector_ip_address: description: | IP address for the IPFIX DFW collector. IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid. format: ip type: string collector_port: description: |- Port for the IPFIX DFW collector. format: int32 maximum: 65535 minimum: 0 title: |- Port type: integer required: - collector_ip_address - collector_port type: object x-vmw-nsx-module: PolicyIPFIXDFW description: | IPFIX DFW data will be collected on collector Host IP and Port address should be provided for collector. title: |- IPFIX DFW Collector x-vmw-nsx-module: PolicyIPFIXDFW IPFIXDFWCollectorProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ipfix_dfw_collectors: description: |- It accepts Multiple Collectors. items: $ref: '#/definitions/IPFIXDFWCollector' minItems: 1 title: |- IPFIX DFW Collectors. type: array required: - ipfix_dfw_collectors type: object x-vmw-nsx-module: PolicyIPFIXDFW description: | IPFIX data for the NSX distributed firewall will be sent to the specified IPFIX collectors. title: |- IPFIX DFW Collector Profile x-vmw-nsx-module: PolicyIPFIXDFW IPFIXDFWCollectorProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IPFIX DFW Collection Instances list results items: $ref: '#/definitions/IPFIXDFWCollectorProfile' title: |- IPFIX DFW Collection Instances list results type: array required: - results type: object x-vmw-nsx-module: PolicyIPFIXDFW description: |- Paged Collection of IPFIX DFW Collector Profile title: |- Paged Collection of IPFIX DFW Collector Profile x-vmw-nsx-module: PolicyIPFIXDFW IPFIXDFWProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: active_flow_export_timeout: default: 1 description: | For long standing active flows, IPFIX records will be sent per timeout period in minutes. format: int32 maximum: 60 minimum: 1 title: |- Active timeout (Minutes) type: integer ipfix_dfw_collector_profile_path: description: | Policy path for IPFIX collector profiles. IPFIX data from these logical segments will be sent to all specified IPFIX collectors. title: |- IPFIX collector Paths type: string observation_domain_id: default: 0 description: | An identifier that is unique to the exporting process and used to meter the flows. format: int32 maximum: 65536 minimum: 0 title: |- Observation domain ID type: integer priority: default: 0 description: | This priority field is used to resolve conflicts in Segment Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only. format: int32 maximum: 32000 minimum: 0 title: |- Config Priority type: integer required: - ipfix_dfw_collector_profile_path - active_flow_export_timeout type: object x-vmw-nsx-module: PolicyIPFIXDFW description: | IPFIX packets from source will be sent to IPFIX DFW collector. title: |- IPFIX DFW Profile x-vmw-nsx-module: PolicyIPFIXDFW IPFIXDFWProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IPFIX DFW Profile list results items: $ref: '#/definitions/IPFIXDFWProfile' title: |- IPFIX DFW Profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyIPFIXDFW description: |- Paged Collection of IPFIX DFW Profile title: |- Paged Collection of IPFIX DFW Profile x-vmw-nsx-module: PolicyIPFIXDFW IPFIXL2Collector: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: collector_ip_address: description: | IP address for the IPFIX L2 collector. IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid. format: ip type: string collector_port: default: 4739 description: |- Port number for the IPFIX L2 collector. format: int32 maximum: 65535 minimum: 0 title: |- Port type: integer required: - collector_ip_address type: object x-vmw-nsx-module: PolicyIPFIXSwitch description: | IPFIX packets will be collected on collector. IP and port address should be provided for collector. title: |- IPFIX L2 Collector x-vmw-nsx-module: PolicyIPFIXSwitch IPFIXL2CollectorProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ipfix_l2_collectors: description: |- It accepts Multiple Collector objects. items: $ref: '#/definitions/IPFIXL2Collector' maxItems: 4 minItems: 1 title: |- It accepts Multiple Collector objects. type: array required: - ipfix_l2_collectors type: object x-vmw-nsx-module: PolicyIPFIXSwitch description: | IPFIX L2 data will be collected on collectors. title: |- IPFIX L2 Collector Profile x-vmw-nsx-module: PolicyIPFIXSwitch IPFIXL2CollectorProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IPFIX collector Profile list results items: $ref: '#/definitions/IPFIXL2CollectorProfile' title: |- IPFIX collector Profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyIPFIXSwitch description: |- Paged list of IPFIX collector profiles. title: |- Paged list of IPFIX collector profiles. x-vmw-nsx-module: PolicyIPFIXSwitch IPFIXL2Profile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: active_timeout: default: 300 description: | The time in seconds after a flow is expired even if more packets matching this flow are received by the cache. format: int32 maximum: 3600 minimum: 60 title: |- Active timeout type: integer export_overlay_flow: default: true description: | This property controls whether overlay flow info is included in the sample result. title: |- Export overlay Flow type: boolean idle_timeout: default: 300 description: | The time in seconds after a flow is expired if no more packets matching this flow are received by the cache. format: int32 maximum: 3600 minimum: 60 title: |- Idle timeout type: integer ipfix_collector_profile_path: description: | Policy path for IPFIX collector profile. User can specify only one IPFIX collector. title: |- IPFIX collector Path type: string max_flows: default: 16384 description: | The maximum number of flow entries in each exporter flow cache. format: int64 maximum: 4294967295 minimum: 0 title: |- Max flows type: integer observation_domain_id: default: 0 description: | An identifier that is unique to the exporting process and used to meter the flows. format: int64 maximum: 4294967295 minimum: 0 title: |- Observation domain ID type: integer packet_sample_probability: default: 0.1 description: | The probability in percentage that a packet is sampled, in range 0-100. The probability is equal for every packet. exclusiveMinimum: true maximum: 100 minimum: 0 title: |- Packet sample probability type: number priority: default: 0 description: | This priority field is used to resolve conflicts in Segment Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only. format: int32 maximum: 32000 minimum: 0 title: |- Config Priority type: integer required: - ipfix_collector_profile_path - packet_sample_probability type: object x-vmw-nsx-module: PolicyIPFIXSwitch description: | IPFIX data from source logical segment, port, group will be forwarded to IPFIX collector. title: |- IPFIX L2 Profile x-vmw-nsx-module: PolicyIPFIXSwitch IPFIXL2ProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IPFIX L2 Profile list results items: $ref: '#/definitions/IPFIXL2Profile' title: |- IPFIX L2 Profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyIPFIXSwitch description: |- Paged Collection of IPFIX L2 Profile title: |- Paged Collection of IPFIX L2 Profile x-vmw-nsx-module: PolicyIPFIXSwitch IPInfo: properties: ip_addresses: description: |- IPv4 Addresses items: description: |- IPv4 address format: ipv4 type: string maxItems: 1 minItems: 1 title: |- IPv4 Addresses type: array prefix_length: description: |- Subnet Prefix Length format: int64 maximum: 32 minimum: 1 title: |- Subnet Prefix Length type: integer required: - ip_addresses - prefix_length type: object x-vmw-nsx-module: ServiceInsertionCommonTypes IPProtocolServiceEntry: allOf: - $ref: '#/definitions/ServiceEntry' - properties: protocol_number: format: int64 maximum: 255 minimum: 0 type: integer required: - protocol_number type: object x-vmw-nsx-module: Policy description: |- A ServiceEntry that represents an IP protocol title: |- A ServiceEntry that represents an IP protocol x-vmw-nsx-module: Policy IPSecVPNSessionTrafficSummary: description: |- IPSec VPN session traffic summary. properties: ipsec_vpn_session: $ref: '#/definitions/ResourceReference' traffic_counters: $ref: '#/definitions/IPSecVPNTrafficCounters' title: |- IPSec VPN session traffic summary type: object x-vmw-nsx-module: VPNStatistics IPSecVPNTrafficCounters: description: |- Traffic counters for IPSec VPN session. properties: bytes_in: description: |- Total number of bytes recevied. format: int64 readOnly: true title: |- Bytes in type: integer bytes_out: description: |- Total number of bytes sent. format: int64 readOnly: true title: |- Bytes out type: integer dropped_packets_in: description: |- Total number of incoming packets dropped on inbound security association. format: int64 readOnly: true title: |- Dropped incoming packets type: integer dropped_packets_out: description: |- Total number of outgoing packets dropped on outbound security association. format: int64 readOnly: true title: |- Dropped outgoing packets type: integer packets_in: description: |- Total number of packets received. format: int64 readOnly: true title: |- Packets in type: integer packets_out: description: |- Total number of packets sent. format: int64 readOnly: true title: |- Packets out type: integer title: |- IPSec VPN traffic counters type: object x-vmw-nsx-module: VPNStatistics IPSecVpnDpdProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: dpd_probe_interval: description: | DPD probe interval defines an interval for DPD probes (in seconds). - When the DPD probe mode is periodic, this interval is the number of seconds between DPD messages. - When the DPD probe mode is on-demand, this interval is the number of seconds during which traffic is not received from the peer before DPD retry messages are sent if there is IPSec traffic to send. For PERIODIC Mode: Minimum: 3 Maximum: 360 Default: 60 For ON_DEMAND Mode: Minimum: 1 Maximum: 10 Default: 10 format: int64 title: |- DPD Probe Interval type: integer dpd_probe_mode: default: PERIODIC description: | DPD probe mode is used to query the liveliness of the peer. Two modes are possible: - PERIODIC: is used to query the liveliness of the peer at regular intervals (dpd_probe_interval). It does not take into consideration traffic coming from the peer. The benefit of this mode over the on-demand mode is earlier detection of dead peers. However, use of periodic DPD incurs extra overhead. When communicating to large numbers of peers, please consider using on-demand DPD instead. - ON_DEMAND: is used to query the liveliness of the peer by instructing the local endpoint to send DPD message to a peer if there is traffic to send to the peer AND the peer was idle for dpd_probe_interval seconds (i.e. there was no traffic from the peer for dpd_probe_interval seconds). enum: - PERIODIC - ON_DEMAND title: |- DPD Probe Mode type: string enabled: default: true description: |- If true, enable dead peer detection. title: |- Enable dead peer detection (DPD) type: boolean retry_count: default: 10 description: | Maximum number of DPD messages' retry attempts. This value is applicable for both dpd probe modes, periodic and on-demand. format: int64 maximum: 100 minimum: 1 title: |- Retry Count type: integer type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile. title: |- Dead peer detection (DPD) profile x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnDpdProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IPSecVpnDpdProfile list results. items: $ref: '#/definitions/IPSecVpnDpdProfile' title: |- IPSecVpnDpdProfile list results type: array required: - results type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Paged Collection of IPSecVpnDpdProfile. title: |- Paged Collection of IPSecVpnDpdProfile x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnIkeProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: dh_groups: description: |- Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14. items: description: | Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1048-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit Random Elliptic Curve (ECP) group. GROUP20 uses 384-bit Random ECP group. GROUP21 uses 521-bit Random ECP group. enum: - GROUP2 - GROUP5 - GROUP14 - GROUP15 - GROUP16 - GROUP19 - GROUP20 - GROUP21 type: string title: |- DH group type: array digest_algorithms: description: |- Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. A default value of SHA2_256 will be applied only when the supplied encryption algorithms contain either AES_128 or AES_256. items: description: | The IkeDigestAlgorithms are used to verify message integrity during Ike negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash. enum: - SHA1 - SHA2_256 - SHA2_384 - SHA2_512 type: string title: |- Algorithm for message hash type: array encryption_algorithms: description: |- Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128. items: description: | IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GCM_128 uses 128-bit keys. AES_GCM_192 uses 192-bit keys. AES_GCM_256 uses 256-bit keys. enum: - AES_128 - AES_256 - AES_GCM_128 - AES_GCM_192 - AES_GCM_256 type: string title: |- Encryption algorithm for IKE type: array ike_version: default: IKE_V2 description: |- IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2. enum: - IKE_V1 - IKE_V2 - IKE_FLEX title: |- IKE version type: string sa_life_time: default: 86400 description: |- Life time for security association. Default is 86400 seconds (1 day). format: int64 maximum: 31536000 minimum: 21600 title: |- Security association (SA) life time type: integer type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile. title: |- Internet key exchange (IKE) profile x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnIkeProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IPSecVpnIkeProfile list results. items: $ref: '#/definitions/IPSecVpnIkeProfile' title: |- IPSecVpnIkeProfile list results type: array required: - results type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Paged Collection of IPSecVpnIkeProfile. title: |- Paged Collection of IPSecVpnIkeProfile x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnIkeSessionStatus: description: | Status for IPSec VPN Ike session UP, DOWN, NEGOTIATING and fail reason if Ike session is down. properties: fail_reason: description: | Reason for failure. readOnly: true title: |- Fail reason type: string ike_session_state: description: | Ike session service status UP, DOWN and NEGOTIATING. enum: - UP - DOWN - NEGOTIATING readOnly: true title: |- Ike session state type: string title: |- Ike session status type: object x-vmw-nsx-module: PolicyVPNStatistics IPSecVpnIkeTrafficStatistics: description: | Traffic statistics for IPSec VPN Ike session. Note - Not supported in this release. properties: bytes_in: description: |- Number of bytes in. format: int64 readOnly: true title: |- Bytes in type: integer bytes_out: description: |- Number of bytes out. format: int64 readOnly: true title: |- Bytes out type: integer fail_count: description: |- Fail count. format: int64 readOnly: true title: |- Fail count type: integer packets_in: description: |- Number of packets in. format: int64 readOnly: true title: |- Packets in type: integer packets_out: description: |- Number of packets out. format: int64 readOnly: true title: |- Packets out type: integer title: |- IPSec VPN Ike traffic statistics type: object x-vmw-nsx-module: PolicyVPNStatistics IPSecVpnLocalEndpoint: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: certificate_path: description: |- Policy path referencing site certificate. title: |- Certificate path type: string local_address: description: |- IPV4 Address of local endpoint. format: ipv4 type: string local_id: description: |- Local identifier. title: |- Local identifier type: string scope: description: |- Scope attribute refers to the Policy path identifying the LocaleService of specific site where all the local end point configurations will be realized. In federation, all the configuration done for the local endpoint on GM will be realized based on the scope at the corresponding LM. Local endpoint without any scope will be realized on all sites. This attribute will not be applicable on LM. title: |- scope identify the site to which LocalEndpoint configuration associated with. Applicable only in GM type: string trust_ca_paths: description: |- List of policy paths referencing certificate authority (CA) to verify peer certificates. items: type: string title: |- Certificate authority (CA) paths type: array trust_crl_paths: description: |- List of policy paths referencing certificate revocation list (CRL) to peer certificates. items: type: string title: |- Certificate revocation list (CRL) paths type: array required: - local_address type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Local endpoint represents a tier-0/tier-1 on which tunnel needs to be terminated. In federation, all the configuration done for the local endpoint on GM will be realized based on the scope attribute at the corresponding LM. Local endpoint without any scope will be realized on all sites. The scope attribute is applicable only on GM not on LM. title: |- IPSec VPN Local Endpoint x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnLocalEndpointListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IPSecVpnLocalEndpoint list results. items: $ref: '#/definitions/IPSecVpnLocalEndpoint' title: |- IPSecVpnLocalEndpoint list results type: array required: - results type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Paged Collection of IPSecVpnLocalEndpoint. title: |- Paged Collection of IPSecVpnLocalEndpoint x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnPolicyTrafficStatistics: description: | IPSec VPN policy traffic statistics. properties: aggregate_traffic_counters: $ref: '#/definitions/IPSecVpnTrafficCounters' rule_path: description: |- L3Vpn rule path. readOnly: true title: |- L3Vpn rule path type: string tunnel_statistics: description: |- Tunnel statistics. items: $ref: '#/definitions/IPSecVpnTunnelTrafficStatistics' readOnly: true title: |- Tunnel statistics type: array title: |- IPSec VPN policy traffic statistics type: object x-vmw-nsx-module: PolicyVPNStatistics IPSecVpnRule: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: action: default: PROTECT description: | PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules. enum: - PROTECT - BYPASS readOnly: true title: |- Action to be applied type: string destinations: description: | List of peer subnets. Specifying no value is interpreted as 0.0.0.0/0. items: $ref: '#/definitions/IPSecVpnSubnet' maxItems: 128 title: |- Destination list type: array enabled: default: true description: |- A flag to enable/disable the rule. title: |- Enabled flag type: boolean logged: default: false description: |- A flag to enable/disable the logging for the rule. title: |- Logging flag type: boolean sequence_number: description: |- A sequence number is used to give a priority to an IPSecVpnRule. format: int32 minimum: 0 title: |- Sequence number of the IPSecVpnRule type: integer sources: description: | List of local subnets. Specifying no value is interpreted as 0.0.0.0/0. items: $ref: '#/definitions/IPSecVpnSubnet' maxItems: 128 title: |- Source list type: array type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: "For policy-based IPsec VPNs, a security policy specifies as its\ \ action the VPN tunnel to be used for transit traffic that meets the policy\u2019\ s match criteria." title: |- IPSec VPN Rule x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnService: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: bypass_rules: description: | Bypass policy rules are configured using VPN service. Bypass rules always have higher priority over protect rules and they affect all policy based vpn sessions associated with the IPSec VPN service. Protect rules are defined per policy based vpn session. items: $ref: '#/definitions/IPSecVpnRule' title: |- Bypass Policy rules type: array enabled: default: true description: |- If true, enable VPN services under tier-0/tier-1. title: |- Enable virtual private network (VPN) service type: boolean ha_sync: default: true description: |- Enable/disable IPSec HA state sync. IPSec HA state sync can be disabled if in case there are performance issues w.r.t. the state sync messages. title: |- Flag to enable IPSec HA State Sync type: boolean ike_log_level: default: INFO description: |- Log level for internet key exchange (IKE). enum: - DEBUG - INFO - WARN - ERROR - EMERGENCY title: |- Internet key exchange (IKE) log level type: string type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Create and manage IPSec VPN service under tier-0/tier-1. title: |- IPSec VPN service x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnServiceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IPSecVpnService list results. items: $ref: '#/definitions/IPSecVpnService' title: |- IPSecVpnService list results type: array required: - results type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Paged Collection of IPSecVpnService. title: |- Paged Collection of IPSecVpnService x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnSession: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: authentication_mode: default: PSK description: | Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication. enum: - PSK - CERTIFICATE title: |- Authentication Mode type: string compliance_suite: description: | Compliance suite. enum: - CNSA - SUITE_B_GCM_128 - SUITE_B_GCM_256 - PRIME - FOUNDATION - FIPS - NONE title: |- Compliance suite type: string connection_initiation_mode: default: INITIATOR description: | Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request. enum: - INITIATOR - RESPOND_ONLY - ON_DEMAND title: |- Connection initiation mode type: string dpd_profile_path: description: |- Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile. title: |- Dead peer detection (DPD) profile path type: string enabled: default: true description: |- Enable/Disable IPSec VPN session. title: |- Enable/Disable IPSec VPN session type: boolean ike_profile_path: description: |- Policy path referencing IKE profile to be used. Default is set according to system default profile. title: |- Internet key exchange (IKE) profile path type: string local_endpoint_path: description: |- Policy path referencing Local endpoint. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided. title: |- Local endpoint path type: string peer_address: description: |- Public IPV4 address of the remote device terminating the VPN connection. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided. title: |- IPV4 address of peer endpoint on remote site type: string peer_id: description: |- Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided. title: |- Peer id type: string psk: description: |- IPSec Pre-shared key. Maximum length of this field is 128 characters. title: |- Pre-shared key type: string resource_type: description: | A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site. enum: - PolicyBasedIPSecVpnSession - RouteBasedIPSecVpnSession type: string site_overrides: description: | A collection of site specific attributes specificed only on GM items: $ref: '#/definitions/SiteOverride' maxItems: 128 title: |- SiteOverride list type: array tcp_mss_clamping: $ref: '#/definitions/TcpMaximumSegmentSizeClamping' tunnel_profile_path: description: |- Policy path referencing Tunnel profile to be used. Default is set to system default profile. title: |- IPSec tunnel profile path type: string required: - resource_type type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- VPN session defines connection between local and peer endpoint. Until VPN session is defined configuration is not realized. title: |- IPSec VPN session x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnSessionListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IPSecVpnSession list results. items: $ref: '#/definitions/IPSecVpnSession' title: |- IPSecVpnSession list results type: array required: - results type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Paged Collection of IPSecVpnSession. title: |- Paged Collection of IPSecVpnSession x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnSessionStatistics: allOf: - $ref: '#/definitions/L3VpnStatisticsPerEnforcementPoint' - properties: aggregate_traffic_counters: $ref: '#/definitions/IPSecVpnTrafficCounters' ike_status: $ref: '#/definitions/IPSecVpnIkeSessionStatus' ike_traffic_statistics: $ref: '#/definitions/IPSecVpnIkeTrafficStatistics' last_update_timestamp: description: | Timestamp when the data was last updated. format: int64 readOnly: true type: integer policy_statistics: description: | Gives aggregate traffic statistics across all ipsec tunnels and individual tunnel statistics. items: $ref: '#/definitions/IPSecVpnPolicyTrafficStatistics' readOnly: true title: |- IPSec policy statistics type: array type: object x-vmw-nsx-module: PolicyVPNStatistics description: | IPSec VPN session statistics represents statistics on an NSX-T type of enforcement point. It gives aggregated statistics of all policies for all the tunnels. title: |- IPSec VPN session statistics x-vmw-nsx-module: PolicyVPNStatistics IPSecVpnSessionStatisticsNsxT: allOf: - $ref: '#/definitions/IPSecVpnSessionStatisticsPerEP' - properties: aggregate_traffic_counters: $ref: '#/definitions/IPSecVpnTrafficCounters' display_name: description: |- Display Name of vpn session. readOnly: true title: |- Display Name type: string ike_status: $ref: '#/definitions/IPSecVpnIkeSessionStatus' ike_traffic_statistics: $ref: '#/definitions/IPSecVpnIkeTrafficStatistics' last_update_timestamp: description: | Timestamp when the data was last updated. format: int64 readOnly: true type: integer policy_statistics: description: | Gives aggregate traffic statistics across all ipsec tunnels and individual tunnel statistics. items: $ref: '#/definitions/IpSecVpnPolicyTrafficStatistics' readOnly: true title: |- IPSec policy statistics type: array type: object x-vmw-nsx-module: PolicyVpnStats description: | IPSec VPN session statistics represents statistics on an NSX-T type of enforcement point. It gives aggregated statistics of all policies for all the tunnels. title: |- IPSec VPN session statistics x-vmw-nsx-module: PolicyVpnStats IPSecVpnSessionStatisticsPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: enum: - IPSecVpnSessionStatisticsNsxT type: string required: - resource_type type: object x-vmw-nsx-module: PolicyVpnStats description: | IPSec VPN Session Statistics Per Enforcement Point. title: |- IPSec VPN Session Statistics Per Enforcement Point x-vmw-nsx-module: PolicyVpnStats IPSecVpnSessionStatusNsxT: allOf: - $ref: '#/definitions/IPSecVpnSessionStatusPerEP' - properties: aggregate_traffic_counters: $ref: '#/definitions/IPSecVpnTrafficCounters' display_name: description: |- Display Name of vpn session. readOnly: true title: |- Display Name type: string failed_tunnels: description: |- Number of failed tunnels. format: int64 readOnly: true title: |- Failed tunnels type: integer ike_status: $ref: '#/definitions/IPSecVpnIkeSessionStatus' last_update_timestamp: description: |- Timestamp when the data was last updated. format: int64 readOnly: true type: integer negotiated_tunnels: description: |- Number of negotiated tunnels. format: int64 readOnly: true title: |- Negotiated tunnels type: integer runtime_status: description: | Gives session status consolidated using IKE status and tunnel status. It can be UP, DOWN, DEGRADED. If IKE and all tunnels are UP status will be UP, if all down it will be DOWN, otherwise it will be DEGRADED. enum: - UP - DOWN - DEGRADED readOnly: true title: |- Session Runtime Status type: string total_tunnels: description: |- Total number of tunnels. format: int64 readOnly: true title: |- Total tunnels type: integer type: object x-vmw-nsx-module: PolicyVpnStats description: | IPSec VPN Session Status represents status on an NSX-T type of enforcement point. title: |- IPSec VPN session traffic summary x-vmw-nsx-module: PolicyVpnStats IPSecVpnSessionStatusPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: enum: - IPSecVpnSessionStatusNsxT type: string required: - resource_type type: object x-vmw-nsx-module: PolicyVpnStats description: | IPSec VPN Session Status Per Enforcement Point. title: |- IPSec VPN Session Status Per Enforcement Point x-vmw-nsx-module: PolicyVpnStats IPSecVpnSubnet: description: |- Used to specify the local/peer subnets in IPSec VPN rule. properties: subnet: description: |- Subnet used in policy rule. format: ipv4-cidr-block type: string required: - subnet title: |- Subnet for IPSec Policy based VPN type: object x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnTrafficCounters: description: |- Traffic counters for IPSec VPN session. properties: bytes_in: description: |- Total number of bytes recevied. format: int64 readOnly: true title: |- Bytes in type: integer bytes_out: description: |- Total number of bytes sent. format: int64 readOnly: true title: |- Bytes out type: integer dropped_packets_in: description: | Total number of incoming packets dropped on inbound security association. format: int64 readOnly: true title: |- Dropped incoming packets type: integer dropped_packets_out: description: | Total number of outgoing packets dropped on outbound security association. format: int64 readOnly: true title: |- Dropped outgoing packets type: integer packets_in: description: |- Total number of packets received. format: int64 readOnly: true title: |- Packets in type: integer packets_out: description: |- Total number of packets sent. format: int64 readOnly: true title: |- Packets out type: integer title: |- IPSec VPN traffic counters type: object x-vmw-nsx-module: PolicyVPNStatistics IPSecVpnTransportStatus: allOf: - $ref: '#/definitions/L2VPNSessionTransportTunnelStatus' - properties: session_status: $ref: '#/definitions/IPSecVpnSessionStatusNsxT' type: object x-vmw-nsx-module: PolicyVpnStats description: |- Provides IPSec VPN session status. title: |- IPSec VPN Session status x-vmw-nsx-module: PolicyVpnStats IPSecVpnTunnelInterface: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ip_subnets: description: |- IP Tunnel interface (commonly referred as VTI) subnet. items: $ref: '#/definitions/TunnelInterfaceIPSubnet' maxItems: 1 minItems: 1 title: |- IP Tunnel interface subnet type: array required: - ip_subnets type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- IP tunnel interface configuration. title: |- IP tunnel interface configuration x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnTunnelProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: df_policy: default: COPY description: |- Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet. enum: - COPY - CLEAR title: |- Policy for handling defragmentation bit type: string dh_groups: description: |- Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14. items: description: | Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1048-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit Random Elliptic Curve (ECP) group. GROUP20 uses 384-bit Random ECP group. GROUP21 uses 521-bit Random ECP group. enum: - GROUP2 - GROUP5 - GROUP14 - GROUP15 - GROUP16 - GROUP19 - GROUP20 - GROUP21 type: string title: |- Dh group type: array digest_algorithms: description: |- Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm "AES_GCM_128". items: description: | The IPSecDigestAlgorithms are used to verify message integrity during IPSec VPN tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash. enum: - SHA1 - SHA2_256 - SHA2_384 - SHA2_512 type: string title: |- Algorithm for message hash type: array enable_perfect_forward_secrecy: default: true description: |- If true, perfect forward secrecy (PFS) is enabled. title: |- Enable perfect forward secrecy type: boolean encryption_algorithms: description: |- Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128. items: description: | IPSecEncryptionAlgorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication. NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input data without encyption. Digest algorithm should be empty for this option. enum: - AES_128 - AES_256 - AES_GCM_128 - AES_GCM_192 - AES_GCM_256 - NO_ENCRYPTION_AUTH_AES_GMAC_128 - NO_ENCRYPTION_AUTH_AES_GMAC_192 - NO_ENCRYPTION_AUTH_AES_GMAC_256 - NO_ENCRYPTION type: string title: |- Encryption algorithm to use in IPSec tunnel establishement type: array extended_attributes: description: | Collection of type specific properties. As of now, to hold encapsulation mode and transform protocol. items: $ref: '#/definitions/AttributeVal' readOnly: true title: |- Extended Attributes. type: array sa_life_time: default: 3600 description: |- SA life time specifies the expiry time of security association. Default is 3600 seconds. format: int64 maximum: 31536000 minimum: 900 title: |- Security association (SA) life time type: integer type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and IPSec tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile. title: |- IPSec VPN tunnel profile x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnTunnelProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IPSecVpnTunnelProfile list results. items: $ref: '#/definitions/IPSecVpnTunnelProfile' title: |- IPSecVpnTunnelProfile list results type: array required: - results type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- Paged Collection of IPSecVpnTunnelProfile. title: |- Paged Collection of IPSecVpnTunnelProfile x-vmw-nsx-module: PolicyVpnIPSecVpn IPSecVpnTunnelTrafficStatistics: description: |- IPSec VPN tunnel traffic statistics. properties: bytes_in: description: | Total number of incoming bytes on inbound Security association. format: int64 readOnly: true title: |- Bytes in type: integer bytes_out: description: | Total number of outgoing bytes on outbound Security association. format: int64 readOnly: true title: |- Bytes out type: integer decryption_failures: description: | Total number of packets dropped due to decryption failures. format: int64 readOnly: true title: |- Decryption failures type: integer dropped_packets_in: description: | Total number of incoming packets dropped on inbound security association. format: int64 readOnly: true title: |- Dropped incoming packets type: integer dropped_packets_out: description: | Total number of outgoing packets dropped on outbound security association. format: int64 readOnly: true title: |- Dropped outgoing packets type: integer encryption_failures: description: | Total number of packets dropped because of failure in encryption. format: int64 readOnly: true title: |- Encryption failures type: integer integrity_failures: description: | Total number of packets dropped due to integrity failures. format: int64 readOnly: true title: |- Integrity failures type: integer local_subnet: description: | Local subnet to which a tunnel belongs. readOnly: true title: |- Local subnet type: string nomatching_policy_errors: description: | Number of packets dropped because of no matching policy is available. format: int64 readOnly: true title: |- Nomatching Policy errors type: integer packets_in: description: | Total number of incoming packets on inbound Security association. format: int64 readOnly: true title: |- Packets in type: integer packets_out: description: | Total number of outgoing packets on outbound Security association. format: int64 readOnly: true title: |- Packets out type: integer packets_received_other_error: description: | Total number of incoming packets dropped on inbound Security association. format: int64 readOnly: true title: |- Packets received other error type: integer packets_sent_other_error: description: | Total number of packets dropped while sending for any reason. format: int64 readOnly: true title: |- Packets sent other error type: integer remote_subnet: description: | Peer subnet to which a tunnel belongs. readOnly: true title: |- Peer subnet type: string replay_errors: description: | Total number of packets dropped due to replay check on that Security association. format: int64 readOnly: true title: |- Replay errors type: integer sa_mismatch_errors_in: description: | Totoal number of security association mismatch errors on incoming packets. format: int64 readOnly: true title: |- Security association mismatch errors on incoming packets. type: integer sa_mismatch_errors_out: description: | Totoal number of security association mismatch errors on outgoing packets. format: int64 readOnly: true title: |- Security association mismatch errors on outgoing packets type: integer seq_number_overflow_error: description: | Total number of packets dropped while sending due to overflow in sequence number. format: int64 readOnly: true title: |- Sequence number overflow error type: integer tunnel_down_reason: description: | Gives the detailed reason about the tunnel when it is down. If tunnel is UP tunnel down reason will be empty. readOnly: true title: |- Tunnel down reason type: string tunnel_status: description: | Specifies the status of tunnel, if it is UP/DOWN. enum: - UP - DOWN readOnly: true title: |- Tunnel Status type: string title: |- IPSec VPN tunnel traffic statistics type: object x-vmw-nsx-module: PolicyVPNStatistics IPSubnet: properties: ip_addresses: description: | All IP addresses, some of which may be automatically configured. When updating this field, the payload may contain only the IP addresses that should be changed, or may contain the IP addresses to change as well as the automatically assigned addresses. Currently, only one updatable address and one system-maintained address are supported. Currently, the system-maintained address supported is Extended Unique Identifier(EUI)-64 address. EUI-64 address is generated by the system only when user configured ip-subnet has prefix length less than or equal to 64. items: description: |- IPv4 or IPv6 address format: ip type: string maxItems: 2 minItems: 1 title: |- IP Addresses type: array prefix_length: description: |- Subnet Prefix Length format: int64 maximum: 128 minimum: 1 title: |- Subnet Prefix Length type: integer required: - ip_addresses - prefix_length type: object x-vmw-nsx-module: LogicalRouterPorts IPsecVPNIKESessionSummary: description: |- IPSec VPN session status summary, gives total, failed, degraded and established IPSec VPN sessions. properties: degraded_sessions: description: |- Number of degraded sessions. format: int64 readOnly: true title: |- Degraded sessions type: integer established_sessions: description: |- Number of established sessions. format: int64 readOnly: true title: |- Established sessions type: integer failed_sessions: description: |- Number of failed sessions. format: int64 readOnly: true title: |- Failed sessions type: integer total_sessions: description: |- Total sessions configured. format: int64 readOnly: true title: |- Total sessions type: integer title: |- IPSec VPN session status summary type: object x-vmw-nsx-module: VPNStatistics IPv4DiscoveryOptions: description: |- Contains IPv4 related discovery options. properties: arp_snooping_config: $ref: '#/definitions/ArpSnoopingConfig' dhcp_snooping_enabled: default: true description: |- Indicates whether DHCP snooping is enabled title: |- Is DHCP snooping enabled or not type: boolean vmtools_enabled: default: true description: | Indicates whether fetching IP using vm-tools is enabled. This option is only supported on ESX where vm-tools is installed. title: |- Is VM tools enabled or not type: boolean title: |- IPv4 discovery options type: object x-vmw-nsx-module: PolicyIpDiscovery IPv6DADStatus: description: |- IPv6 DAD status properties: ip_address: description: | IP address on the port for which DAD status is reported. format: ip readOnly: true type: string status: description: | DAD status for IP address on the port. enum: - DUPLICATED - TENTATIVE - ASSIGNED - NOT_APPLICABLE - UNKNOWN readOnly: true type: string transport_node: description: | Array of transport node id on which DAD status is reported for given IP address. items: $ref: '#/definitions/ResourceReference' readOnly: true title: |- Transport node type: array title: |- IPv6 DAD status type: object x-vmw-nsx-module: LogicalRouterPorts IPv6DiscoveryOptions: description: |- Contains IPv6 related discovery options. properties: dhcp_snooping_v6_enabled: default: false description: | Enable this method will snoop the DHCPv6 message transaction which a VM makes with a DHCPv6 server. From the transaction, we learn the IPv6 addresses assigned by the DHCPv6 server to this VM along with its lease time. title: |- Is DHCP snoping v6 enabled or not type: boolean nd_snooping_config: $ref: '#/definitions/NdSnoopingConfig' vmtools_v6_enabled: default: false description: | Enable this method will learn the IPv6 addresses which are configured on interfaces of a VM with the help of the VMTools software. type: boolean title: |- IPv6 discovery options type: object x-vmw-nsx-module: PolicyIpDiscovery IPv6Status: description: |- IPv6 status properties: connected_segment_path: description: | Path of the segment attached to the interface. readOnly: true title: |- Connected segment path type: string dad_statuses: description: | Array of DAD status which contains DAD information for IP addresses on the interface. items: $ref: '#/definitions/IPv6DADStatus' readOnly: true title: |- IPv6 DAD status type: array interface_id: description: | Policy path or realization ID of interface for which IPv6 DAD status is returned. title: |- Policy path or realization ID of interface type: string tier0_gateway: description: | Tier-0 Gateway this router Link belongs to. title: |- Tier-0 Gateway type: string tier1_gateway: description: | Tier-1 Gateway this router Link belongs to. title: |- Tier-1 Gateway type: string title: |- IPv6 status type: object x-vmw-nsx-module: PolicyConnectivityStatistics IcmpEchoRequestHeader: properties: id: default: 0 description: |- ICMP id format: int64 maximum: 65535 minimum: 0 title: |- ICMP id type: integer sequence: default: 0 description: |- ICMP sequence number format: int64 maximum: 65535 minimum: 0 title: |- ICMP sequence number type: integer type: object x-vmw-nsx-module: Traceflow Icon: description: |- Icon to be applied at dashboard for widgets and UI elements. properties: color: description: |- Icon color applied to icon in hex format. title: |- Icon color applied to icon in hex format type: string placement: default: PRE description: |- If specified as PRE, the icon appears before the UI element. If set as POST, the icon appears after the UI element. enum: - PRE - POST title: |- Position at which to display icon, if any type: string size: description: |- Icon size in unit applied to icon.A unit can be specified by the 'size_unit' property. minimum: 1 title: |- Icon size in unit type: number size_unit: description: |- Icon size unit applied to icon along with size. if 'size' property value is provided and no value is provided for this property then default value for this proerty is set to 'px'. enum: - px - rem - pc title: |- Icon size unit in rem/px/pc type: string tooltip: description: |- Multi-line text to be shown on tooltip while hovering over the icon. items: $ref: '#/definitions/Tooltip' title: |- Multi-line tooltip type: array type: description: |- Icon will be rendered based on its type. For example, if ERROR is chosen, then icon representing error will be rendered. or else custom svg icon name can be given. title: |- Type of icon type: string title: |- Icon type: object x-vmw-nsx-module: NsxDashboard IdentityGroupExpression: allOf: - $ref: '#/definitions/Expression' - properties: identity_groups: description: |- This array consists of set of identity group object. All members within this array are implicitly OR'ed together. items: $ref: '#/definitions/IdentityGroupInfo' maxItems: 500 minItems: 1 title: |- Array of identity group type: array required: - identity_groups type: object x-vmw-nsx-module: Policy description: |- Represents a list of identity group (Ad group SID) expressions. title: |- IdentityGroup expression node x-vmw-nsx-module: Policy IdentityGroupInfo: description: |- Identity (Directory) group properties: distinguished_name: description: | Each LDAP object is uniquely identified by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas. e.g. CN=Larry Cole,CN=admin,DC=corp,DC=acme,DC=com. A valid fully qualified distinguished name should be provided to include specific groups else the create / update realization of the Group containing an invalid/ partial DN will fail. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server. title: |- LDAP distinguished name type: string domain_base_distinguished_name: description: | This is the base distinguished name for the domain where this particular group resides. (e.g. dc=example,dc=com) Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head. title: |- Identity (Directory) domain base distinguished name type: string sid: description: | A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components: The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID. This field is only populated for Microsoft Active Directory identity store. title: |- Identity (Directory) Group SID (security identifier) type: string required: - distinguished_name - domain_base_distinguished_name title: |- Identity (Directory) group type: object x-vmw-nsx-module: PolicyIdentity IdentitySourceLdapServer: description: |- Information about a single LDAP server. properties: bind_identity: description: |- A username used to authenticate to the directory when admnistering roles in NSX. This user should have privileges to search the LDAP directory for groups and users. This user is also used in some cases (OpenLDAP) to look up an NSX user's distinguished name based on their NSX login name. If omitted, NSX will authenticate to the LDAP server using an LDAP anonymous bind operation. For Active Directory, provide a userPrincipalName (e.g. administrator@airius.com) or the full distinguished nane. For OpenLDAP, provide the distinguished name of the user (e.g. uid=admin, cn=airius, dc=com). title: |- Username or DN for LDAP authentication type: string certificates: description: |- If using LDAPS or STARTTLS, provide the X.509 certificate of the LDAP server in PEM format. This property is not required when connecting without TLS encryption and is ignored in that case. items: type: string title: |- TLS certificate(s) for LDAP server(s) type: array enabled: default: true description: |- Allows the LDAP server to be enabled or disabled. When disabled, this LDAP server will not be used to authenticate users. title: |- If true, this LDAP server is enabled type: boolean password: description: |- A password used when authenticating to the directory. title: |- Username for LDAP authentication type: string url: description: |- The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme. title: |- The URL for the LDAP server type: string use_starttls: default: false description: | If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS. title: |- Enable/disable StartTLS type: boolean required: - url title: |- An LDAP server type: object x-vmw-nsx-module: LdapIdentitySources IdentitySourceLdapServerEndpoint: description: |- Information about a single LDAP server endpoint. properties: url: description: |- The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme. title: |- The URL for the LDAP server type: string use_starttls: default: false description: | If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS. title: |- Eanble/disable StartTLS type: boolean required: - url title: |- An LDAP server endpoint type: object x-vmw-nsx-module: LdapIdentitySources IdentitySourceLdapServerProbeResult: description: |- The results of probing an individual LDAP server. properties: errors: description: |- Detail about errors encountered during the probe. items: $ref: '#/definitions/LdapProbeError' title: |- Error details type: array result: description: |- Overall result of the probe. If the probe was able to connect to the LDAP service, authenticate using the provided credentials, and perform searches of the configured user and group search bases without error, the result is SUCCESS. Otherwise, the result is FAILURE, and additional details may be found in the errors property. enum: - SUCCESS - FAILURE title: |- Overall result type: string url: description: |- THe URL of the probed LDAP host. title: |- LDAP Server URL type: string title: |- Results from one LDAP server probe type: object x-vmw-nsx-module: LdapIdentitySources IdfwComputeCollectionCondition: description: |- Status of the Identity Firewall enabled Compute collection. properties: status: description: |- IDFW enabled Compute collection status. enum: - UNKNOWN - UP - DOWN - DFW_DISABLED - IDFW_ENABLED - IDFW_DISABLED title: |- IDFW enabled Compute collection status. type: string status_detail: description: |- Status of the Compute collection. title: |- Compute collection status. type: string required: - status title: |- IDFW Compute collection status. type: object x-vmw-nsx-module: IdentityFirewall IdfwComputeCollectionListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Array of IDFW compute collection Ids and status connected to VC. items: $ref: '#/definitions/IdfwComputeCollectionStatus' title: |- List of IDFW ComputeCollection. type: array required: - results type: object x-vmw-nsx-module: IdentityFirewall description: |- List of compute collection ids and status connected to VC. title: |- List of IDFW enabled compute collections connected to VC x-vmw-nsx-module: IdentityFirewall IdfwComputeCollectionStatus: description: |- compute collection ID and status connected to VC. properties: compute_collection_id: description: |- IDFW compute collection ID connected to VC. title: |- IDFW compute collection ID. type: string compute_collection_status: description: |- IDFW enabled compute collection status. items: $ref: '#/definitions/IdfwComputeCollectionCondition' title: |- Compute collection status. type: array required: - compute_collection_id title: |- IDFW compute collection ID and status. type: object x-vmw-nsx-module: IdentityFirewall IdfwDirGroupUserSessionMapping: description: | Identity Firewall NSGorup to user mapping to link DirGroup to user session data. properties: dir_group_id: description: |- Directory Group ID. readOnly: true title: |- Directory Group ID type: string user_id: description: |- User ID. readOnly: true title: |- User ID type: string title: |- Identity Firewall NSGorup to user mapping to link DirGroup to user session data type: object x-vmw-nsx-module: IdentityFirewall IdfwSystemStats: description: |- Identity Firewall statistics data. properties: num_concurrent_users: description: | Number of concurrent logged on users (across VDI & RDSH). Multiple logins by the same user is counted as 1. format: int32 title: |- Number of concurrent logged on users (across VDI & RDSH) type: integer num_user_sessions: description: | Number of active user sessions/logins in IDFW enabled compute collections (including both UP and DOWN hosts). N sessions/logins by the same user is counted as n. format: int32 title: |- Number of active user sessions/logins type: integer required: - num_concurrent_users - num_user_sessions title: |- Identity Firewall statistics data type: object x-vmw-nsx-module: IdentityFirewall IdfwTransportNodeCondition: description: | Status of the Identity Firewall Compute Collection's transport node. properties: status: description: |- Transport node status for IDFW compute collection. enum: - UNKNOWN - UP - DOWN - NOT_PREPARED - IDFW_COMPONENT_NOT_INSTALLED - DFW_DISABLED - IDFW_DISABLED title: |- IDFW TransportNode status. type: string status_detail: description: |- IDFW Compute collection's transport node condition. title: |- IDFW transport node condition. type: string required: - status title: |- IDFW transport node status. type: object x-vmw-nsx-module: IdentityFirewall IdfwTransportNodeStatus: description: | ID and status of the Identity Firewall enabled Compute collection's transport node. properties: transport_node_id: description: | TransportNode ID of the Identity Firewall enabled Compute collection's transport node. title: |- IDFW TransportNode ID. type: string transport_node_status: description: |- Status of the IDFW transport node. items: $ref: '#/definitions/IdfwTransportNodeCondition' title: |- IDFW TransportNode status. type: array required: - transport_node_status - transport_node_id title: |- IDFW transport node ID and status. type: object x-vmw-nsx-module: IdentityFirewall IdfwTransportNodeStatusListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: | List of transport node ids and status for idfw enabled Compute collection. items: $ref: '#/definitions/IdfwTransportNodeStatus' title: |- IDFW enabled Compute collection transport node list. type: array required: - results type: object x-vmw-nsx-module: IdentityFirewall description: | Status of the Identity Firewall enabled Compute collection transport nodes. title: |- IDFW enabled Compute collection transport node and status list. x-vmw-nsx-module: IdentityFirewall IdfwUserSessionData: description: | Identity Firewall user session data on a client machine (typically a VM). Multiple entries for the same user can be returned if the user logins to multiple sessions on the same VM. properties: domain_name: description: |- AD Domain of user. title: |- AD Domain type: string id: description: |- Identifier of user session data. readOnly: true title: |- User session data Identifier type: string login_time: description: |- Login time. format: int64 type: integer logout_time: description: | Logout time if applicable. An active user session has no logout time. Non-active user session is stored (up to last 5 most recent entries) per VM and per user. format: int64 type: integer session_source: description: | User session source can be one of: - GI (Guest Introspection) - ELS (AD Event log server) - LI (Log Insight) enum: - GI - ELS - LI readOnly: true title: |- Source for the user session type: string user_id: description: |- AD user ID (may not exist). readOnly: true title: |- AD user ID (may not exist) type: string user_name: description: |- AD user name. title: |- AD user name type: string user_session_id: description: |- User session ID. This also indicates whether this is VDI / RDSH. format: int32 title: |- User session ID type: integer vm_ext_id: description: |- Virtual machine (external ID or BIOS UUID) where login/logout events occurred. readOnly: true title: |- Virtual machine external ID or BIOS UUID type: string required: - login_time - user_name - domain_name - user_session_id title: |- Identity Firewall user session data on client machine type: object x-vmw-nsx-module: IdentityFirewall IdfwUserSessionDataAndMappings: description: | Identity Firewall user session data list and Directory Group to user mappings. properties: active_user_sessions: description: |- Active user session data list items: $ref: '#/definitions/IdfwUserSessionData' title: |- Active user session data list type: array archived_user_sessions: description: |- Archived user session data list items: $ref: '#/definitions/IdfwUserSessionData' title: |- Archived user session data list type: array dir_group_to_user_session_data_mappings: description: |- Directory Group to user session data mappings items: $ref: '#/definitions/IdfwDirGroupUserSessionMapping' title: |- Directory Group to user session data mappings type: array required: - archived_user_sessions - active_user_sessions - dir_group_to_user_session_data_mappings title: |- Identity Firewall user session data list and Directory Group to user mappings type: object x-vmw-nsx-module: IdentityFirewall IdfwUserStats: description: |- Identity Firewall user login/session data for a single user. properties: active_sessions: description: |- List of active (still logged in) user login/sessions data (no limit) items: $ref: '#/definitions/IdfwUserSessionData' title: |- List of active (still logged in) user login/sessions data (no limit) type: array archived_sessions: description: | Optional list of up to 5 most recent archived (previously logged in) user login/session data. items: $ref: '#/definitions/IdfwUserSessionData' title: |- List of archived (previously logged in) user login/session data type: array user_id: description: |- AD user Identifier (String ID) readOnly: true title: |- AD user Identifier (String ID) type: string required: - active_sessions title: |- Identity Firewall user login/session data for a single user type: object x-vmw-nsx-module: IdentityFirewall IdfwVirtualMachineCondition: description: |- Status of the Identity Firewall compute collection's VM. properties: status: description: |- VM IDFW Status. enum: - UNKNOWN - UP - DOWN - VM_TOOLS_NOT_INSTALLED - IDFW_NOT_SUPPORTED - DFW_DISABLED - IDFW_DISABLED title: |- VM IDFW Status. type: string status_detail: description: |- IDFW compute collection's VM condition. title: |- IDFW VM condition. type: string required: - status title: |- IDFW VM Status. type: object x-vmw-nsx-module: IdentityFirewall IdfwVirtualMachineStatus: description: | ID and status of the VM on Identity Firewall compute collection. properties: vm_id: description: | VM ID of the VM on Identity Firewall compute collection. title: |- IDFW Virtual Machine ID. type: string vm_status: description: | Status of the Identity Firewall compute collection's Virtual Machine. items: $ref: '#/definitions/IdfwVirtualMachineCondition' title: |- IDFW VM status. type: array required: - vm_status - vm_id title: |- IDFW VM ID and status. type: object x-vmw-nsx-module: IdentityFirewall IdfwVirtualMachineStatusListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of VM's on Identity Firewall Compute collection. items: $ref: '#/definitions/IdfwVirtualMachineStatus' title: |- IDFW Virtual machine list. type: array required: - results type: object x-vmw-nsx-module: IdentityFirewall description: | VM ID and status of the Identity Firewall Compute collection. title: |- IDFW VM ID and status. x-vmw-nsx-module: IdentityFirewall IdfwVmDetail: description: |- Identity Firewall user login/session data for a single VM properties: last_login_user_session: $ref: '#/definitions/ResourceReference' user_sessions: description: |- List of user session data. items: $ref: '#/definitions/IdfwUserSessionData' title: |- List of user session data type: array vm_ext_id: description: |- Virtual machine (external ID or BIOS UUID) where login/logout event occurred. title: |- Virtual machine external ID or BIOS UUID type: string vm_ip_addresses: description: |- List of client machine IP addresses. items: type: string title: |- Client VM IP addresses type: array required: - vm_ext_id - user_sessions title: |- Identity Firewall user login/session data for a single VM type: object x-vmw-nsx-module: IdentityFirewall IdfwVmStats: description: |- Identity Firewall user login/session data for a single VM. properties: active_sessions: description: |- List of active (still logged in) user login/sessions data (no limit) items: $ref: '#/definitions/IdfwUserSessionData' title: |- List of active (still logged in) user login/sessions data (no limit) type: array archived_sessions: description: |- Optional list of up to 5 most recent archived (previously logged in) user login/session data. items: $ref: '#/definitions/IdfwUserSessionData' title: |- Optional list of archived (previously logged in) user login/session data (maximum 5) type: array vm_ext_id: description: |- Virtual machine (external ID or BIOS UUID) where login/logout event occurred. title: |- Virtual machine external ID or BIOS UUID type: string required: - vm_ext_id - active_sessions title: |- Identity Firewall user login/session data for a single VM type: object x-vmw-nsx-module: IdentityFirewall IdsClusterConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cluster: $ref: '#/definitions/PolicyResourceReference' ids_enabled: description: |- If set to true, IDS is enabled on the respective cluster readOnly: false title: |- Ids enabled flag type: boolean required: - cluster - ids_enabled type: object x-vmw-nsx-module: PolicyIDS description: | IDS configuration to enable/disable IDS on cluster level. title: |- Intrusion Detection System cluster configuration x-vmw-nsx-module: PolicyIDS IdsClusterConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Cluster wise IDS configuration list results items: $ref: '#/definitions/IdsClusterConfig' title: |- Cluster wise IDS configuration list results type: array required: - results type: object x-vmw-nsx-module: PolicyIDS description: |- Paged collection of IDS cluster configuration title: |- Paged collection of IDS cluster configuration x-vmw-nsx-module: PolicyIDS IdsGatewayPolicy: allOf: - $ref: '#/definitions/IdsPolicy' - type: object x-vmw-nsx-module: PolicyIDSGateway description: | Represents the Intrusion Detection System Gateway Policy, which contains the list of IDS Rules. title: |- Contains ordered list of IDS Rules x-vmw-nsx-module: PolicyIDSGateway IdsGatewayPolicyListResult: allOf: - $ref: '#/definitions/PolicyListResult' - properties: results: description: |- IDS Gateway policy list results items: $ref: '#/definitions/IdsGatewayPolicy' title: |- IDS Gateway policy list results type: array required: - results type: object x-vmw-nsx-module: PolicyIDSGateway description: |- Paged collection of IDS Gateway policies title: |- Paged collection of IDS Gateway policies x-vmw-nsx-module: PolicyIDSGateway IdsGlobalEventConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ids_data_topic_name: default: ids_data description: |- kafka topic into which to publish IDS events. title: |- kafka topic into which to publish IDS events. type: string publish_ids_events: default: false description: | When this flag is set to true, IDS events will be sent to kafka, for consumption by components such as NSX-I and NDR. title: |- A flag to indicate if IDS events need to be sent to kafka type: boolean type: object x-vmw-nsx-module: PolicyIDS description: | Represents IDS event publishing configuration for NSX-I and NDR. title: | Intrusion Detection System global event configuration x-vmw-nsx-module: PolicyIDS IdsPolicy: allOf: - $ref: '#/definitions/Policy' - properties: rules: description: |- IDS Rules that are a part of this SecurityPolicy items: $ref: '#/definitions/IdsRule' title: |- IDS Rules that are a part of this SecurityPolicy type: array type: object x-vmw-nsx-module: PolicyIDS description: | Represents the Intrusion Detection System Policy, which contains the list of IDS Rules. title: |- Contains ordered list of IDS Rules x-vmw-nsx-module: PolicyIDS IdsProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: criteria: description: | Represents the filtering criteria for the IDS Profile. 1. A non-empty criteria list, must be of odd size. In a list, with indices starting from 0, all IdsProfileFilterCriteria must be at even indices, separated by the IdsProfileConjunctionOperator AND at odd indices. 2. There may be at most 7 IdsProfileCriteria objects inside a list. items: $ref: '#/definitions/IdsProfileCriteria' maxItems: 7 title: |- Filtering criteria of IDS Profile type: array overridden_signatures: description: | Represents the signatures that has been overridden for this Profile. items: $ref: '#/definitions/IdsProfileLocalSignature' title: |- Represents the signatures that is overridden for the Profile type: array profile_severity: description: | Represents the severities of signatures which are part of this profile. items: description: |- Intrusion Detection System Profile severity enum: - CRITICAL - HIGH - MEDIUM - LOW - SUSPICIOUS type: string title: |- IDS Profile severity type: array severities: description: | Represents the severities of signatures which are part of this profile. items: $ref: '#/definitions/IdsProfileSeverity' title: |- IDS Profile severity type: array x-deprecated: true type: object x-vmw-nsx-module: PolicyIDS description: | IDS Profile which contains the signatures and will be used in IDS rules. title: |- Intrusion Detection System Profile x-vmw-nsx-module: PolicyIDS IdsProfileConjunctionOperator: allOf: - $ref: '#/definitions/IdsProfileCriteria' - properties: operator: description: |- IDS Profile Filter Condition enum: - AND title: |- IDS Profile Filter Condition type: string required: - operator type: object x-vmw-nsx-module: PolicyIDS description: |- Represents the operator AND. title: |- Represents the operator AND x-vmw-nsx-module: PolicyIDS IdsProfileCriteria: description: | All the filtering criteria objects extend from this abstract class. This is present for extensibility. discriminator: resource_type properties: resource_type: enum: - IdsProfileConjunctionOperator - IdsProfileFilterCriteria type: string required: - resource_type title: |- Base class for IDS Profile criteria type: object x-vmw-nsx-module: PolicyIDS IdsProfileFilterCriteria: allOf: - $ref: '#/definitions/IdsProfileCriteria' - properties: filter_name: description: | Represents the filter for IDS Profile. enum: - CVSS - ATTACK_TARGET - ATTACK_TYPE - PRODUCT_AFFECTED title: |- Represents the filter name type: string filter_value: description: | Represents the value of selected filter name. Note : The supported values for filter name CVSS are NONE, LOW, MEDIUM, HIGH, CRITICAL. NONE means CVSS score as 0.0 LOW means CVSS score as 0.1-3.9 MEDIUM means CVSS score as 4.0-6.9 HIGH means CVSS score as 7.0-8.9 CRITICAL means CVSS score as 9.0-10.0 items: type: string title: |- Represents the value of selected filter name type: array required: - filter_value - filter_name type: object x-vmw-nsx-module: PolicyIDS description: |- Represents the filtering criteria of a IDS Profile. title: |- IDS Profile filter criteria x-vmw-nsx-module: PolicyIDS IdsProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IDS profile list results items: $ref: '#/definitions/IdsProfile' title: |- IDS profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyIDS description: |- Paged collection of IDS profiles title: |- Paged collection of IDS profiles x-vmw-nsx-module: PolicyIDS IdsProfileLocalSignature: allOf: - $ref: '#/definitions/GlobalIdsSignature' - type: object x-vmw-nsx-module: PolicyIDS description: | IDS Profile local signature. title: |- IDS Profile local signature x-vmw-nsx-module: PolicyIDS IdsProfileSeverity: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ignore_signatures: description: | Contains the id of signatures that will be ignored as part of the profile. This field is deprecated, please use ignore_signatures field under IdsProfile to ignore the signatures. items: type: string title: |- Represents the signatures that will be ignored type: array severity: description: | Represents the severity of a profile. enum: - CRITICAL - HIGH - MEDIUM - LOW - SUSPICIOUS title: |- Severity of profile type: string required: - severity type: object x-vmw-nsx-module: PolicyIDS description: | Intrusion Detection System Profile severity. title: |- Intrusion Detection System Profile severity x-vmw-nsx-module: PolicyIDS IdsProfileSignatures: description: | An entity that holds the list of IDS signatures attached to an IDS Profile depending upon the Profile's criteria. These are the Signatures which needs to be detected. properties: profile_path: description: | Represents the Path of the IDS Profile. title: |- IDS Profile path type: string signatures: description: |- List of IDS signature ids which need to be detected. items: type: string maxItems: 30000 minItems: 1 title: |- IDS Signatures type: array title: |- IDS Profile Signatures type: object x-vmw-nsx-module: PolicyIDS IdsRule: allOf: - $ref: '#/definitions/BaseRule' - properties: action: description: | The action to be applied. enum: - DETECT - DETECT_PREVENT title: |- Action type: string ids_profiles: description: | collections of IDS or Anti-Malware profiles. At Max 1 each Profile will be supported. items: type: string maxItems: 2 minItems: 1 title: |- IDS profiles type: array type: object x-vmw-nsx-module: PolicyIDS description: |- Represents the Intrusion Detection System rule which indicates the action to be performed for the corresponding workload groups. title: |- A rule specifies the IDS security policy rule between the workload groups x-vmw-nsx-module: PolicyIDS IdsRuleListResult: allOf: - $ref: '#/definitions/BaseRuleListResult' - properties: results: description: |- IDS rule list results items: $ref: '#/definitions/IdsRule' title: |- IDS rule list results type: array required: - results type: object x-vmw-nsx-module: PolicyIDS description: |- Paged collection of IDS rules title: |- Paged collection of IDS rules x-vmw-nsx-module: PolicyIDS IdsRuleStatistics: allOf: - $ref: '#/definitions/RuleStatistics' - type: object x-vmw-nsx-module: PolicyIDSStats description: | IDS Rule Statistics. title: |- IDS Rule Statistics x-vmw-nsx-module: PolicyIDSStats IdsRuleStatisticsForEnforcementPoint: description: |- IDS Rule statistics for a specfic enforcement point. properties: enforcement_point: description: |- IDS Rule statistics for a single enforcement point readOnly: true title: |- Enforcement point path type: string statistics: $ref: '#/definitions/IdsRuleStatistics' title: |- IDS Rule statistics for an enforcement point type: object x-vmw-nsx-module: PolicyIDSStats IdsRuleStatisticsListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IdsRuleStatistics list results items: $ref: '#/definitions/IdsRuleStatisticsForEnforcementPoint' title: |- IdsRuleStatistics list results type: array required: - results type: object x-vmw-nsx-module: PolicyIDSStats description: |- Paged Collection of IDS rule statistics title: |- Paged Collection of IDS rule statistics x-vmw-nsx-module: PolicyIDSStats IdsSecurityPolicy: allOf: - $ref: '#/definitions/IdsPolicy' - type: object x-vmw-nsx-module: PolicyIDS description: | Represents the Intrusion Detection System Security Policy, which contains the list of IDS Rules. title: |- Contains ordered list of IDS Rules x-vmw-nsx-module: PolicyIDS IdsSecurityPolicyListResult: allOf: - $ref: '#/definitions/PolicyListResult' - properties: results: description: |- IDS security policy list results items: $ref: '#/definitions/IdsSecurityPolicy' title: |- IDS security policy list results type: array required: - results type: object x-vmw-nsx-module: PolicyIDS description: |- Paged collection of IDS security policies title: |- Paged collection of IDS security policies x-vmw-nsx-module: PolicyIDS IdsSecurityPolicyStatistics: allOf: - $ref: '#/definitions/SecurityPolicyStatistics' - type: object x-vmw-nsx-module: PolicyIDSStats description: | IDS RSecurity Policy Statistics. title: |- IDS Security Policy Statistics x-vmw-nsx-module: PolicyIDSStats IdsSecurityPolicyStatisticsForEnforcementPoint: description: | Aggregate statistics of all the IDS rules in a security policy for a specific enforcement point. properties: enforcement_point: description: |- Enforcement point to fetch the statistics from. readOnly: true title: |- Enforcement point path type: string statistics: $ref: '#/definitions/IdsSecurityPolicyStatistics' title: |- IDS Security policy statistics for an enforcement point type: object x-vmw-nsx-module: PolicyIDSStats IdsSecurityPolicyStatisticsListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IDS Security Policy statistics list results items: $ref: '#/definitions/IdsSecurityPolicyStatisticsForEnforcementPoint' title: |- IDS Security Policy statistics list results type: array required: - results type: object x-vmw-nsx-module: PolicyIDSStats description: |- Paged Collection of IDS Security Policy statistics title: |- Paged Collection of IDS Security Policy statistics x-vmw-nsx-module: PolicyIDSStats IdsSettings: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: auto_update: default: false description: | Parameter to let the user decide whether to update the IDS Signatures automatically or not. title: |- Auto update signatures flag type: boolean ids_events_to_syslog: default: false description: | Flag to send IDS events to syslog server. title: |- Flag to send IDS events to syslog server. type: boolean ids_ever_enabled: description: | Flag which tells whether IDS was ever enabled. readOnly: true title: |- Flag which tells whether IDS was ever enabled. type: boolean type: object x-vmw-nsx-module: PolicyIDS description: | Represents the Intrusion Detection System settings. title: | Intrusion Detection System settings x-vmw-nsx-module: PolicyIDS IdsSignature: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: action: description: | Signature action. title: |- Represents the signature's action type: string attack_target: description: | Target of the signature. title: |- Signature attack target type: string categories: description: | Represents the internal categories a signature belongs to. items: description: | Represents the internal categories. APPLICATION : IDS signature having protocol comes under APPLICATION internal category. MALWARE: IDS signature having malware_family comes under this internal category. VULNERABILITY : IDS signature having cvssv3 score comes under this internal category. enum: - APPLICATION - MALWARE - VULNERABILITY type: string title: |- IDS Signature Internal category type: array class_type: description: | Class type of Signature. title: |- Signature class type type: string confidence: description: |- Signature's confidence score. title: |- Confidence type: string cves: description: | CVE score items: type: string title: |- Represents the cve score. type: array cvss: description: | Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. NONE means cvssv3/cvssv2 score as 0.0 LOW means cvssv3/cvssv2 score as 0.1-3.9 MEDIUM means cvssv3/cvssv2 score as 4.0-6.9 HIGH means cvssv3/cvssv2 score as 7.0-8.9 CRITICAL means cvssv3/cvssv2 score as 9.0-10.0 enum: - NONE - LOW - MEDIUM - HIGH - CRITICAL title: |- CVSS of signature type: string cvss_score: description: | Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. If cvssv3 exists, then this is the cvssv3 score, else it is the cvssv2 score. title: |- Signature CVSS score type: string cvssv2: description: | Signature cvssv2 score. title: |- Signature cvssv2 score type: string cvssv3: description: | Signature cvssv3 score. title: |- Signature cvssv3 score type: string direction: description: |- Source-destination direction. title: |- Direction type: string enable: description: | Flag which tells whether the signature is enabled or not. title: |- Enable/Disable flag type: boolean flow: description: | Flow established from server, from client etc. title: |- Flow established. type: string impact: description: |- Impact of Signature. title: |- Impact type: string malware_family: description: |- Family of the malware tracked in the signature. title: |- Malware Family type: string mitre_attack: description: |- Mitre Attack details of Signature. items: $ref: '#/definitions/MitreAttack' title: |- MitreAttack type: array name: description: | Signature name. title: |- Represents the signature name type: string performance_impact: description: |- Performance impact of the signature. title: |- Performance impact type: string policy: description: |- Signature policy. items: type: string title: |- Policy type: array product_affected: description: | Product affected by this signature. title: |- Signature product affected type: string protocol: description: |- Protocol used in the packet analysis. title: |- Protocol type: string risk_score: description: |- Risk score of signature. title: |- Risk Score type: string severity: description: | Represents the severity of the Signature. title: |- Signature severity type: string signature_id: description: | Represents the Signature's id. title: |- Signature ID type: string signature_revision: description: | Represents revision of the Signature. title: |- Signature revision type: string signature_severity: description: |- Signature vendor set severity of the signature rule. title: |- Signature severity type: string tag: description: |- Vendor assigned classification tag. items: type: string title: |- Signature tag type: array type: description: |- Signature type. items: type: string title: |- Type type: array urls: description: | List of mitre attack URLs pertaining to signature items: type: string title: |- List of mitre attack URLs pertaining to signature. type: array type: object x-vmw-nsx-module: PolicyIDSMetrics description: | Intrusion Detection System Signature . title: |- Intrusion Detection System Signature x-vmw-nsx-module: PolicyIDSMetrics IdsSignatureListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IDS signature list results items: $ref: '#/definitions/IdsSignature' title: |- IDS signature list results type: array required: - results type: object x-vmw-nsx-module: PolicyIDS description: |- Paged collection of IDS signatures title: |- Paged collection of IDS signatures x-vmw-nsx-module: PolicyIDS IdsSignatureStatus: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: download_status: description: | READY means signatures were downloaded and parsed successfully. PENDING means that signatures download is in progress. ERROR means error occurred during signature processing. DISABLED means IDS is disabled. enum: - READY - PENDING - ERROR - DISABLED readOnly: true title: |- IDS signature download status type: string signature_status: description: | AVAILABLE means the signatures are available for the version. UNAVAILABLE means there are no available signatures for the version. enum: - AVAILABLE - UNAVAILABLE readOnly: true title: |- IDS signature status type: string version_id: description: | Represents the version id. readOnly: true title: |- Version Id type: string type: object x-vmw-nsx-module: PolicyIDS description: | Ids signature status. title: |- Intrusion Detection System signature status x-vmw-nsx-module: PolicyIDS IdsSignatureVersion: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: change_log: description: | Represents the version's change log. readOnly: true title: |- Change log type: string state: description: | This flag tells which Version is currently active. ACTIVE: It means the signatures under this version is currently been used under IDS Profiles. NOTACTIVE: It means signatures of this version are available but not being used in IDS Profiles. enum: - ACTIVE - NOTACTIVE readOnly: true title: |- State of the Version type: string status: description: | This flag tells the status of the signatures under a version. OUTDATED: It means the signatures under this version are outdated and new version is available. LATEST: It means the signatures of this version are up to date. enum: - OUTDATED - LATEST readOnly: true title: |- Status of the Version type: string update_time: description: | Time when this version was downloaded and saved. format: int64 readOnly: true type: integer user_uploaded: description: | Flag which tells whether the Signature version is uploaded by user or not. readOnly: true title: |- User Uploaded Signature bundle flag type: boolean version_id: description: | Represents the version id. readOnly: true title: |- Version Id type: string type: object x-vmw-nsx-module: PolicyIDS description: | It represents the version information corresponding to which the signatures will be available. title: |- Intrusion Detection System signature version x-vmw-nsx-module: PolicyIDS IdsSignatureVersionListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IDS signature version list results items: $ref: '#/definitions/IdsSignatureVersion' title: |- IDS signature version list results type: array required: - results type: object x-vmw-nsx-module: PolicyIDS description: |- Paged collection of IDS signature versions title: |- Paged collection of IDS signature versions x-vmw-nsx-module: PolicyIDS IdsStandaloneHostConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ids_enabled: description: |- If set to true, IDS is enabled on standalone hosts. readOnly: false title: |- IDS enabled flag type: boolean required: - ids_enabled type: object x-vmw-nsx-module: PolicyIDS description: | IDS configuration to enable/disable IDS on standalone host level. title: |- Intrusion Detection System configuration x-vmw-nsx-module: PolicyIDS IgmpMembership: description: | IGMP (Internet Group Management Protocol) membership details. properties: group: description: |- Multicast group address. format: ip readOnly: true type: string igmp_version: description: |- IGMP version. format: int64 readOnly: true title: |- IGMP version type: integer interface: description: | Interface on which multicast group membership is learned. readOnly: true title: |- Interface name type: string no_of_sources: description: |- Number of multicast sources. readOnly: true title: |- Number of multicast sources type: string source_address: description: |- IP address of multicast source. format: ip readOnly: true type: string uptime: description: |- Multicast group membership active time. readOnly: true title: |- Group membership active time type: string title: |- IGMP membership details type: object x-vmw-nsx-module: AggSvcLogicalRouter IgmpMembershipCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: group: description: |- Multicast group address. format: ip readOnly: true type: string igmp_version: description: |- IGMP version. format: int64 readOnly: true title: |- IGMP version type: integer interface: description: | Interface on which multicast group membership is learned. readOnly: true title: |- Interface name type: string no_of_sources: description: |- Number of multicast sources. readOnly: true title: |- Number of multicast sources type: string source_address: description: |- IP address of multicast source. format: ip readOnly: true type: string transport_node: description: |- Transport node uuid or policy path. readOnly: true title: |- Transport node uuid or policy path type: string uptime: description: |- Multicast group membership active time. readOnly: true title: |- Group membership active time type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics IgmpMemberships: allOf: - $ref: '#/definitions/ListResult' - properties: gateway_path: description: | Policy path to Tier0 or Tier1 gateway. title: |- Policy path to Tier0 or Tier1 gateway type: string igmp_memberships_per_edge: items: $ref: '#/definitions/IgmpMembershipsPerEdge' type: array required: - gateway_path type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: | IGMP Memberships. title: |- IGMP Memberships x-vmw-nsx-module: PolicyConnectivityStatistics IgmpMembershipsInCsvFormat: allOf: - $ref: '#/definitions/CsvListResult' - properties: results: items: $ref: '#/definitions/IgmpMembershipCsvRecord' readOnly: true type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics IgmpMembershipsPerEdge: allOf: - $ref: '#/definitions/ListResult' - properties: edge_path: description: | Policy path to edge node. title: |- Policy path to edge node type: string igmp_memberships: items: $ref: '#/definitions/IgmpMembership' type: array required: - edge_path type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: | IGMP Memberships Per Edge. title: |- IGMP Memberships Per Edge x-vmw-nsx-module: PolicyConnectivityStatistics ImportTask: allOf: - $ref: '#/definitions/PolicyTask' - properties: draft_path: description: | Policy path of a draft in which the imported configuration gets stored after completion of import task. readOnly: true title: |- Policy path of a draft type: string type: object x-vmw-nsx-module: PolicyTask description: | This object holds the information of the import task. title: |- Import task information x-vmw-nsx-module: PolicyTask IncludedFieldsParameters: description: |- A list of fields to include in query results properties: included_fields: description: |- Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs. title: |- Comma separated list of fields that should be included in query result type: string title: |- A list of fields to include in query results type: object x-vmw-nsx-module: Common Infra: allOf: - $ref: '#/definitions/AbstractSpace' - properties: domains: description: | This field is used while creating or updating the infra space. items: $ref: '#/definitions/Domain' title: |- Domains for infra type: array type: object x-vmw-nsx-module: Policy description: |- Infra space related policy. title: |- Infra x-vmw-nsx-module: Policy InfraSecurityConfig: allOf: - $ref: '#/definitions/ManagedResource' - properties: ca_signed_only: description: |- When this flag is set to true (for NDcPP compliance) only ca-signed certificates will be allowed to be applied as server certificates. readOnly: false title: |- A flag to indicate whether the server certs are only allowed to be ca-signed. type: boolean crl_checking_enabled: description: |- When this flag is set to true, during certificate checking the CRL is fetched and checked whether the certificate is revoked or not. Setting this property to false results in lower security. It is not advisible to import certificate without CRL info while CRL checking is disabled, and then re-enable CRL checking. readOnly: false title: |- A flag to indicate whether the Java trust-managers check certificate revocation type: boolean eku_checking_enabled: description: |- When this flag is set to true, during certificate checking the Extended Key Usage extension is expected to be present, indicating whether the certificate is to be used a client certificate or server certificate. Setting this value to false is not recommended as it leads to lower security and operational risk. readOnly: false title: |- A flag to indicate whether the Extended Key Usage extension in the certificate is checked. type: boolean type: object x-vmw-nsx-module: Policy description: |- NSX global configs for security purposes, like trust store and trust manager. title: |- NSX global configs for security purposes, like trust store and trust manager. x-vmw-nsx-module: Policy IngressBroadcastRateLimiter: allOf: - $ref: '#/definitions/QoSBaseRateLimiter' - properties: average_bandwidth: default: 0 description: |- Average bandwidth in kb/s format: int32 minimum: 0 title: |- Average bandwidth in kb/s type: integer burst_size: default: 0 description: |- Burst size in bytes format: int32 minimum: 0 title: |- Burst size in bytes type: integer peak_bandwidth: default: 0 description: |- Peak bandwidth in kb/s format: int32 minimum: 0 title: |- Peak bandwidth in kb/s type: integer type: object x-vmw-nsx-module: PolicyQoS description: |- A shaper that specifies ingress rate properties in kb/s title: |- A shaper that specifies ingress rate properties in kb/s x-vmw-nsx-module: PolicyQoS IngressRateLimiter: allOf: - $ref: '#/definitions/QoSBaseRateLimiter' - properties: average_bandwidth: default: 0 description: |- You can use the average bandwidth to reduce network congestion. format: int32 minimum: 0 title: |- Average bandwidth in Mb/s type: integer burst_size: default: 0 description: |- The burst duration is set in the burst size setting. format: int32 minimum: 0 title: |- Burst size in bytes type: integer peak_bandwidth: default: 0 description: |- The peak bandwidth rate is used to support burst traffic. format: int32 minimum: 0 title: |- Peak bandwidth in Mb/s type: integer type: object x-vmw-nsx-module: PolicyQoS description: |- A shaper that specifies ingress rate properties in Mb/s title: |- A shaper that specifies ingress rate properties in Mb/s x-vmw-nsx-module: PolicyQoS InitiateClusterRestoreRequest: properties: ip_address: description: |- IP address or FQDN of the node from which the backup was taken format: hostname-or-ip readOnly: true title: |- IP address or FQDN of the node from which the backup was taken type: string node_id: description: | Unique id of the backed-up configuration from which the appliance will be restored readOnly: true title: | Unique id of the backed-up configuration from which the appliance will be restored type: string timestamp: description: | Timestamp of the backed-up configuration from which the appliance will be restored format: int64 readOnly: true type: integer type: object x-vmw-nsx-module: ClusterRestore Injection: description: | Injection holding a key and a corresponding value. properties: key: description: |- Injection key. title: |- Key type: string value: $ref: '#/definitions/InjectionValue' required: - value - key title: |- Injection type: object x-vmw-nsx-module: PolicyReaction InjectionValue: description: | Injection Value. discriminator: resource_type properties: resource_type: description: | Injection Value resource type. enum: - UnaryOperationBasedInjectionValue title: |- Resource Type type: string required: - resource_type title: |- Injection Value type: object x-vmw-nsx-module: PolicyReaction InstanceRuntimeStatistic: description: |- Statistics for data NICs on an instance runtime properties: interface_statistics: description: |- List of statistics for all data NICs on a runtime. items: $ref: '#/definitions/RuntimeInterfaceStatistics' readOnly: true title: |- List of statistics for all NICs type: array primary_runtime_stats: description: | Specifies whether statistics are for primary runtime. readOnly: true title: |- Specifies whether statistics are for primary type: boolean runtime_id: description: |- Id of the instance runtime readOnly: true title: |- Id of the instance runtime type: string runtime_name: description: |- Name of the instance runtime readOnly: true title: |- Name of the instance runtime type: string title: |- Instance runtime statistic type: object x-vmw-nsx-module: PolicyServiceInsertion InstructionInfo: description: |- Details of the instructions displayed during restore process properties: actions: description: |- A list of actions that are to be applied to resources items: type: string readOnly: true title: |- Actions list type: array fields: description: |- A list of fields that are displayable to users in a table items: type: string readOnly: true title: |- Displayable fields type: array id: description: |- UUID of the instruction readOnly: true title: |- UUID of the instruction type: string name: description: |- Instruction name readOnly: true title: |- Instruction name type: string title: |- Details of the instructions displayed during restore process type: object x-vmw-nsx-module: ClusterRestore IntegerArrayConstraintValue: allOf: - $ref: '#/definitions/ConstraintValue' - properties: values: description: |- Array of integer values items: format: int32 type: integer maxItems: 100 minItems: 1 title: |- Array of Integer type: array required: - values type: object x-vmw-nsx-module: PolicyConstraints description: |- List of values title: |- Array of Integer Values to perform operation x-vmw-nsx-module: PolicyConstraints IntentRuntimeRequestParameters: description: | Request parameters that represents a an intent path. properties: intent_path: description: | Policy Path referencing an intent object. title: |- Policy Path of the intent object type: string site_path: description: | Policy Path referencing a site. This is applicable only on a GlobalManager. If no site_path is specified, then based on the span of the intent the response will be fetched from the respective sites title: |- Policy Path of the site from where the realization status needs to be fetched type: string required: - intent_path title: |- Request Parameters for Intent Runtime Information type: object x-vmw-nsx-module: PolicyBaseStatistics InterSitePortCounters: allOf: - $ref: '#/definitions/LogicalRouterPortCounters' - type: object x-vmw-nsx-module: AggSvcInterSite x-vmw-nsx-module: AggSvcInterSite InterfaceArpCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: ip: description: |- The IP address format: ip type: string mac_address: description: |- The MAC address title: |- The MAC address type: string required: - ip - mac_address type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics InterfaceArpEntry: properties: ip: description: |- The IP address format: ip type: string mac_address: description: |- The MAC address title: |- The MAC address type: string required: - ip - mac_address type: object x-vmw-nsx-module: PolicyConnectivityStatistics InterfaceArpProxy: allOf: - $ref: '#/definitions/ListResult' - properties: arp_proxy_entries: description: |- Array of ARP proxy table entries items: $ref: '#/definitions/PolicyArpProxyEntry' readOnly: true title: |- Array of ARP proxy table entries type: array interface_path: description: |- Policy path of gateway interface readOnly: true title: |- Policy path of gateway interface type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics InterfaceArpProxyCsvEntry: allOf: - $ref: '#/definitions/CsvRecord' - properties: arp_proxy_ip: description: |- ARP proxy information for a service with ip. readOnly: true title: |- ARP proxy service addresses type: string interface_path: description: |- Policy path of gateway interface readOnly: true title: |- Policy path of gateway interface type: string service_id: description: |- Identifier of connected service on port. readOnly: true title: |- Service type id type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics InterfaceArpTable: allOf: - $ref: '#/definitions/ListResult' - properties: edge_path: description: | Policy path of edge node. title: |- Policy path of edge node type: string enforcement_point_path: description: | String Path of the enforcement point. title: |- Enforcement point path type: string interface_path: description: |- The ID of the logical router port title: |- The ID of the logical router port type: string last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/InterfaceArpEntry' type: array required: - interface_path type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics InterfaceArpTableInCsvFormat: allOf: - $ref: '#/definitions/CsvListResult' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/InterfaceArpCsvRecord' type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics InterfaceDADState: description: |- Duplicate address detection status on the interface. properties: dad_statuses: description: | Array of DAD status which contains DAD information for IP addresses on the interface. items: $ref: '#/definitions/InterfaceIPv6DADStatus' readOnly: true title: |- IPv6 DAD status type: array interface_path: description: | Policy path or realization ID of interface for which IPv6 DAD status is returned. readOnly: true title: |- Policy path or realization ID of interface type: string title: |- Interface DAD status type: object x-vmw-nsx-module: PolicyConnectivityStatistics InterfaceIPv6DADStatus: description: |- Duplicate address detection status for IP address on the interface. properties: edge_paths: description: | Array of edge nodes on which DAD status is reported for given IP address. items: type: string readOnly: true title: |- Edge node paths type: array ip_address: description: | IP address on the port for which DAD status is reported. format: ip readOnly: true type: string status: description: | DAD status for IP address on the port. enum: - DUPLICATED - TENTATIVE - ASSIGNED - NOT_APPLICABLE - UNKNOWN readOnly: true type: string title: |- IPv6 DAD status for Interface type: object x-vmw-nsx-module: PolicyConnectivityStatistics InterfaceNeighborProperties: allOf: - $ref: '#/definitions/ManagedResource' - properties: ifindex: description: |- Interface index format: int64 readOnly: true title: |- Interface index type: integer mac: description: |- Interface MAC address readOnly: true title: |- Interface MAC address type: string name: description: |- Interface Name readOnly: true title: |- Interface Name type: string neighbors: description: |- Neighbor properties items: $ref: '#/definitions/NeighborProperties' readOnly: true title: |- Neighbor properties type: array uniqueItems: true type: object x-vmw-nsx-module: Lldp description: |- Interface neighbor properties title: |- Interface neighbor properties x-vmw-nsx-module: Lldp InterfaceNeighborPropertyListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Interface neighbor property results items: $ref: '#/definitions/InterfaceNeighborProperties' title: |- Interface neighbor property results type: array type: object x-vmw-nsx-module: Lldp description: |- Interface neighbor property query results title: |- Interface neighbor property query results x-vmw-nsx-module: Lldp InterfaceSubnet: description: |- Subnet specification for interface connectivity properties: ip_addresses: description: |- IP addresses assigned to interface items: description: |- IPv4 or IPv6 address format: ip type: string title: |- IP addresses assigned to interface type: array prefix_len: description: |- Subnet prefix length format: int32 maximum: 128 minimum: 1 title: |- Subnet prefix length type: integer required: - ip_addresses - prefix_len title: |- Subnet specification for interface connectivity type: object x-vmw-nsx-module: PolicyConnectivity IntersiteGatewayConfig: description: |- Intersite gateway configuration. properties: fallback_sites: description: | Fallback site to be used as new primary site on current primary site failure. Disaster recovery must be initiated via API/UI. Fallback site configuration is supported only for T0 gateway. T1 gateway will follow T0 gateway's primary site during disaster recovery. items: type: string title: |- Fallback sites type: array intersite_transit_subnet: default: 169.254.32.0/20 description: | IPv4 subnet for inter-site transit segment connecting service routers across sites for stretched gateway. For IPv6 link local subnet is auto configured. format: ip-cidr-block title: |- Transit subnet in CIDR format type: string last_admin_active_epoch: description: | Epoch(in seconds) is auto updated based on system current timestamp when primary locale service is updated. It is used for resolving conflict during site failover. If system clock not in sync then User can optionally override this. New value must be higher than the current value. format: int64 maximum: 4294967295 title: |- Epoch of last time admin changing active LocaleServices type: integer primary_site_path: description: | Primary egress site for gateway. T0/T1 gateway in Active/Standby mode supports stateful services on primary site. In this mode primary site must be set if gateway is stretched to more than one site. For T0 gateway in Active/Active primary site is optional field. If set then secondary site prefers routes learned from primary over locally learned routes. This field is not applicable for T1 gateway with no services. title: |- Primary egress site for gateway. type: string title: |- Intersite gateway configuration type: object x-vmw-nsx-module: PolicyConnectivity IntervalBackupSchedule: allOf: - $ref: '#/definitions/BackupSchedule' - properties: seconds_between_backups: default: 3600 description: |- Time interval in seconds between two consecutive automated backups format: int64 maximum: 86400 minimum: 300 title: |- Time interval in seconds between two consecutive automated backups type: integer type: object x-vmw-nsx-module: BackupConfiguration description: |- Schedule to specify the interval time at which automated backups need to be taken title: |- Schedule to specify the interval time at which automated backups need to be taken x-vmw-nsx-module: BackupConfiguration IntervalSampling: allOf: - $ref: '#/definitions/SamplingArgument' - properties: sampling_interval: description: |- Time interval in ms between two sampling actions. format: int64 maximum: 30000 minimum: 1 title: |- Time interval in ms between two sampling actions. type: integer required: - sampling_interval type: object x-vmw-nsx-module: LiveTrace x-vmw-nsx-module: LiveTrace IpAddressAllocation: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: allocation_ip: description: |- Address that is allocated from pool format: ip readOnly: true type: string type: object x-vmw-nsx-module: PolicyIpam description: |- Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release. title: |- Parameters for IP allocation x-vmw-nsx-module: PolicyIpam IpAddressAllocationListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of IpAddressAllocations items: $ref: '#/definitions/IpAddressAllocation' title: |- List of IpAddressAllocations type: array type: object x-vmw-nsx-module: PolicyIpam description: |- List of IP address allocations title: |- List of IP address allocations x-vmw-nsx-module: PolicyIpam IpAddressBlock: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cidr: description: |- Represents a network address and the prefix length which will be associated with a layer-2 broadcast domain. Support IPv4 and IPv6 CIDR. format: ip-cidr-block title: |- A contiguous IP address space represented by network address and prefix length type: string required: - cidr type: object x-vmw-nsx-module: PolicyIpam description: |- A block of IP addresses defined by a start address and a mask/prefix (network CIDR). An IP block is typically large & allocated to a tenant for automated consumption. An IP block is always a contiguous address space, for example 192.0.0.1/8. An IP block can be further subdivided into subnets called IP block subnets. These IP block subnets can be added to IP pools and used for IP allocation. title: |- IP address space represented by network address and prefix x-vmw-nsx-module: PolicyIpam IpAddressBlockListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IpAddressBlock list results items: $ref: '#/definitions/IpAddressBlock' title: |- IpAddressBlock list results type: array required: - results type: object x-vmw-nsx-module: PolicyIpam description: |- Paged collection of IpAddressBlocks title: |- Paged collection of IpAddressBlocks x-vmw-nsx-module: PolicyIpam IpAddressInfo: description: |- Ipaddress information of the fabric node. properties: ip_addresses: description: |- IP Addresses of the the virtual network interface, as discovered in the source. items: description: |- IPv4 or IPv6 address format: ip type: string readOnly: true title: |- IP Addresses of the the virtual network interface, as discovered in the source. type: array source: description: |- Source of the ipaddress information. enum: - VM_TOOLS readOnly: true title: |- Source of the ipaddress information. type: string title: |- Ipaddress information of the fabric node. type: object x-vmw-nsx-module: Inventory IpAddressPool: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: check_overlap_with_existing_pools: default: false description: | If an existing IpAddressPool is found that overlaps with the given IpAddressPool, then a validation error would be thrown while realization. It is false by default. title: |- Whether to perform overlap check with existing IpAddressPools while realization. type: boolean ip_release_delay: description: |- Delay in milliseconds, while releasing allocated IP address from IP pool (Default is 2 mins). format: int64 title: |- IP address release delay in milliseconds type: integer pool_usage: $ref: '#/definitions/PolicyPoolUsage' type: object x-vmw-nsx-module: PolicyIpam description: |- IpAddressPool is a collection of subnets. The subnets can either be derived from an IpBlock or specified by the user. User can request for IP addresses to be allocated from a pool. When an IP is requested from a pool, the IP that is returned can come from any subnet that belongs to the pool. title: |- A collection of IP subnets x-vmw-nsx-module: PolicyIpam IpAddressPoolBlockSubnet: allOf: - $ref: '#/definitions/IpAddressPoolSubnet' - properties: auto_assign_gateway: default: true description: |- If this property is set to true, the first IP in the range will be reserved for gateway. title: |- Indicate whether default gateway is to be reserved from the range type: boolean ip_block_path: description: |- The path of the IpAddressBlock from which the subnet is to be created. title: |- The path of the IpAddressBlock from which the subnet is to be created. type: string size: description: |- The size parameter is required for subnet creation. It must be specified during creation but cannot be changed later. format: int64 title: |- Represents the size or number of IP addresses in the subnet type: integer start_ip: description: |- For internal system use Only. Represents start ip address of the subnet from IP block. Subnet ip adddress will start from this ip address. format: ip type: string required: - ip_block_path - size type: object x-vmw-nsx-module: PolicyIpam description: |- This type of subnet allows user to dynamically carve a subnet out of a preconfigured IpAddressBlock. The user must specify the size of the subnet and the IpAddressBlock from which the subnet is to be derived. If the required amount of IP adress space is available in the specified IpAddressBlock, the system automatically configures subnet range. title: |- IpAddressPoolSubnet dynamically carved out of a IpAddressBlock x-vmw-nsx-module: PolicyIpam IpAddressPoolListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IpAddressPool list results items: $ref: '#/definitions/IpAddressPool' title: |- IpAddressPool list results type: array required: - results type: object x-vmw-nsx-module: PolicyIpam description: |- Paged collection of IpAddressPools title: |- Paged collection of IpAddressPools x-vmw-nsx-module: PolicyIpam IpAddressPoolStaticSubnet: allOf: - $ref: '#/definitions/IpAddressPoolSubnet' - properties: allocation_ranges: description: |- A collection of IPv4 or IPv6 IP Pool Ranges. items: $ref: '#/definitions/IpPoolRange' title: |- A collection of IPv4 or IPv6 IP Pool Ranges. type: array cidr: description: |- Subnet representation is a network address and prefix length title: |- Subnet representation is a network address and prefix length type: string dns_nameservers: description: |- The collection of upto 3 DNS servers for the subnet. items: description: |- IPv4 or IPv6 address format: ip type: string maxItems: 3 title: |- The collection of upto 3 DNS servers for the subnet. type: array uniqueItems: true dns_suffix: description: |- The DNS suffix for the DNS server. format: hostname title: |- The DNS suffix for the DNS server. type: string gateway_ip: description: |- The default gateway address on a layer-3 router. format: ip type: string required: - cidr - allocation_ranges type: object x-vmw-nsx-module: PolicyIpam description: |- This type of subnet is statically configured by the user. The user provides the range details and the gateway for the subnet. title: |- IpAddressPoolSubnet statically configured by a user x-vmw-nsx-module: PolicyIpam IpAddressPoolSubnet: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: resource_type: description: |- Specifies whether the IpAddressPoolSubnet is to be carved out of a IpAddressBlock or will be specified by the user enum: - IpAddressPoolBlockSubnet - IpAddressPoolStaticSubnet type: string required: - resource_type type: object x-vmw-nsx-module: PolicyIpam description: |- IpAddressPoolSubnet can either be carved out of a PolicyBlock or statically specified by the user. In the first case where the subnet is carved out of a IpAddressBlock, the user must specify the ID of the block from which this subnet is to be derived. This block must be pre-created. The subnet range is auto populated by the system. In the second case, the user configures the subnet range directly. No IpAddressBlock is required. title: |- Abstract class for IpSubnet in a IpAddressPool x-vmw-nsx-module: PolicyIpam IpAddressPoolSubnetListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- IP Pool subnet list results items: $ref: '#/definitions/IpAddressPoolSubnet' title: |- IP Pool subnet list results type: array required: - results type: object x-vmw-nsx-module: PolicyIpam x-vmw-nsx-module: PolicyIpam IpAssignmentSpec: description: |- Abstract base type for specification of IPs to be used with host switch virtual tunnel endpoints discriminator: resource_type properties: resource_type: enum: - StaticIpPoolSpec - StaticIpListSpec - AssignedByDhcp - StaticIpMacListSpec type: string required: - resource_type title: |- Abstract base type for specification of IPs to be used with host switch virtual tunnel endpoints type: object x-vmw-nsx-module: TransportNode IpInfo: description: | Only support IP address or subnet. Its type can be of IPv4 or IPv6. It will be converted to subnet when netmask is specified(e.g., 192.168.1.3/24 => 192.168.1.0/24, 2008:12:12:12::2/64 => 2008:12:12:12::/64). properties: dst_ip: description: |- The destination IP address or subnet format: address-or-block-or-range type: string src_ip: description: |- The source IP address or subnet format: address-or-block-or-range type: string type: object x-vmw-nsx-module: LiveTrace IpMacPair: description: |- IP and MAC pair. properties: ip: description: |- IP address format: ip readOnly: false type: string mac: description: |- MAC address format: mac-address readOnly: false type: string required: - ip title: |- IP and MAC pair. type: object x-vmw-nsx-module: TransportNode IpPoolRange: allOf: - $ref: '#/definitions/Resource' - properties: end: description: |- The end IP Address of the IP Range. format: ip type: string start: description: |- The start IP Address of the IP Range. format: ip type: string required: - start - end type: object x-vmw-nsx-module: Ipam description: |- A set of IPv4 or IPv6 addresses defined by a start and end address. x-vmw-nsx-module: Ipam IpSecVpnPolicyTrafficStatistics: description: | IPSec VPN policy traffic statistics properties: aggregate_traffic_counters: $ref: '#/definitions/IPSecVpnTrafficCounters' rule_path: description: |- Policy path referencing the IPSec VPN Rule. readOnly: true title: |- IPSec VPN Rule path type: string tunnel_interface_path: description: |- Policy path referencing the IPSec VPN Tunnel Interface. readOnly: true title: |- IPSec VPN Tunnel Interface path type: string tunnel_statistics: description: |- Tunnel statistics. items: $ref: '#/definitions/IpSecVpnTunnelTrafficStatistics' readOnly: true title: |- Tunnel statistics type: array title: |- IPSec VPN policy traffic statistics type: object x-vmw-nsx-module: PolicyVpnStats IpSecVpnTunnelTrafficStatistics: description: |- IPSec VPN tunnel traffic statistics. properties: bytes_in: description: | Total number of incoming bytes on inbound Security association. format: int64 readOnly: true title: |- Bytes in type: integer bytes_out: description: | Total number of outgoing bytes on outbound Security association. format: int64 readOnly: true title: |- Bytes out type: integer decryption_failures: description: | Total number of packets dropped due to decryption failures. format: int64 readOnly: true title: |- Decryption failures type: integer dropped_packets_in: description: | Total number of incoming packets dropped on inbound security association. format: int64 readOnly: true title: |- Dropped incoming packets type: integer dropped_packets_out: description: | Total number of outgoing packets dropped on outbound security association. format: int64 readOnly: true title: |- Dropped outgoing packets type: integer encryption_failures: description: | Total number of packets dropped because of failure in encryption. format: int64 readOnly: true title: |- Encryption failures type: integer integrity_failures: description: | Total number of packets dropped due to integrity failures. format: int64 readOnly: true title: |- Integrity failures type: integer local_subnet: description: | Tunnel local subnet in IPv4 CIDR Block format. readOnly: true title: |- Local subnet type: string nomatching_policy_errors: description: | Number of packets dropped because of no matching policy is available. format: int64 readOnly: true title: |- Nomatching Policy errors type: integer packets_in: description: | Total number of incoming packets on inbound Security association. format: int64 readOnly: true title: |- Packets in type: integer packets_out: description: | Total number of outgoing packets on outbound Security association. format: int64 readOnly: true title: |- Packets out type: integer packets_received_other_error: description: | Total number of incoming packets dropped on inbound Security association. format: int64 readOnly: true title: |- Packets received other error type: integer packets_sent_other_error: description: | Total number of packets dropped while sending for any reason. format: int64 readOnly: true title: |- Packets sent other error type: integer peer_subnet: description: | Tunnel peer subnet in IPv4 CIDR Block format. readOnly: true title: |- Peer subnet type: string policy_id: description: |- Policy UUID of IPSec Tunnel. readOnly: true title: |- Policy Identifier type: string replay_errors: description: | Total number of packets dropped due to replay check on that Security association. format: int64 readOnly: true title: |- Replay errors type: integer sa_mismatch_errors_in: description: | Totoal number of security association mismatch errors on incoming packets. format: int64 readOnly: true title: |- Security association mismatch errors on incoming packets. type: integer sa_mismatch_errors_out: description: | Totoal number of security association mismatch errors on outgoing packets. format: int64 readOnly: true title: |- Security association mismatch errors on outgoing packets type: integer seq_number_overflow_error: description: | Total number of packets dropped while sending due to overflow in sequence number. format: int64 readOnly: true title: |- Sequence number overflow error type: integer tunnel_down_reason: description: | Gives the detailed reason about the tunnel when it is down. If tunnel is UP tunnel down reason will be empty. readOnly: true title: |- Tunnel down reason type: string tunnel_status: description: | Specifies the status of tunnel, if it is UP/DOWN. enum: - UP - DOWN readOnly: true title: |- Tunnel Status type: string title: |- IPSec VPN tunnel traffic statistics type: object x-vmw-nsx-module: PolicyVpnStats Ipv4Header: properties: dst_ip: description: |- The destination ip address. format: ipv4 type: string flags: default: 0 description: |- IP flags format: int64 maximum: 8 minimum: 0 title: |- IP flags type: integer protocol: default: 1 description: |- IP protocol - defaults to ICMP format: int64 maximum: 255 minimum: 0 title: |- IP protocol - defaults to ICMP type: integer src_ip: description: |- The source ip address. format: ipv4 type: string src_subnet_prefix_len: description: |- This is used together with src_ip to calculate dst_ip for broadcast when dst_ip is not given; not used in all other cases. format: int64 maximum: 32 minimum: 1 title: |- source subnet prefix length. type: integer ttl: default: 64 description: |- Time to live (ttl) format: int64 maximum: 255 minimum: 0 title: |- Time to live (ttl) type: integer type: object x-vmw-nsx-module: Traceflow Ipv6DadProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: dad_mode: default: LOOSE description: |- DAD Mode enum: - LOOSE - STRICT type: string ns_retries: default: 3 description: | Number of Neighbor solicitation packets generated before completing the Duplicate address detection process. format: int64 maximum: 10 minimum: 0 title: |- NS retries count type: integer wait_time: default: 1 description: | The time duration in seconds, to wait for Neighbor advertisement after sending the Neighbor solicitation message. format: int64 maximum: 60 minimum: 0 title: |- Wait time type: integer type: object x-vmw-nsx-module: PolicyConnectivity description: | Duplicate address detection profile. x-vmw-nsx-module: PolicyConnectivity Ipv6DadProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paginated list of Ipv6DadProfile items: $ref: '#/definitions/Ipv6DadProfile' title: |- Paginated list of Ipv6DadProfile type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity Ipv6Header: properties: dst_ip: description: |- The destination ip address. format: ipv6 type: string hop_limit: default: 64 description: |- Decremented by 1 by each node that forwards the packets. The packet is discarded if Hop Limit is decremented to zero. format: int64 maximum: 255 minimum: 0 title: |- hop limit type: integer next_header: default: 58 description: |- Identifies the type of header immediately following the IPv6 header. format: int64 maximum: 255 minimum: 0 title: |- Identifies the type of header immediately following the IPv6 header. type: integer src_ip: description: |- The source ip address. format: ipv6 type: string type: object x-vmw-nsx-module: Traceflow Ipv6NdraProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: dns_config: $ref: '#/definitions/RaDNSConfig' ndra_advertised_route: description: | Route advertised in NDRAProfile. items: $ref: '#/definitions/NDRAAdvertisedRoute' type: array ra_config: $ref: '#/definitions/RAConfig' ra_mode: default: SLAAC_DNS_THROUGH_RA description: |- RA Mode enum: - DISABLED - SLAAC_DNS_THROUGH_RA - SLAAC_DNS_THROUGH_DHCP - DHCP_ADDRESS_AND_DNS_THROUGH_DHCP - SLAAC_AND_ADDRESS_DNS_THROUGH_DHCP type: string reachable_timer: default: 0 description: | Neighbour reachable time duration in milliseconds. A value of 0 means unspecified. format: int64 maximum: 3600000 minimum: 0 title: |- Reachable timer type: integer retransmit_interval: default: 1000 description: | The time, in milliseconds, between retransmitted neighbour solicitation messages. A value of 0 means unspecified. format: int64 maximum: 4294967295 minimum: 0 title: |- Retransmission interval type: integer required: - ra_mode - ra_config type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity Ipv6NdraProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paginated list of Ipv6NdraProfile items: $ref: '#/definitions/Ipv6NdraProfile' title: |- Paginated list of Ipv6NdraProfile type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity IssuerSerialNumber: properties: issuer: description: |- Issuer Distinguished Name of the revoked certificates. title: |- Issuer Distinguished Name (DN) type: string serial_numbers: description: |- List of Certificate Serial Numbers issued by the specified issuers. items: type: string title: |- Certificate Serial Numbers type: array type: object x-vmw-nsx-module: CertificateManager KeyStoreInfo: description: |- Key Store information about the url alias or datasource. properties: keystore: description: |- A location of the keystor file which stores private key and identity certificates that will be presented to both parties (server or client) for verification. title: |- A location of the keystore file type: string keystore_alias: description: |- Its an alias specified when an entity is added to the keystore. title: |- An alias is used to uniquely identifies the entry in keystore type: string keystore_phrase: description: |- A location of the key store pass phrase file. title: |- A location of the key store pass phrase file. type: string truststore: description: |- A location of the trust store file which stores the certificate from CA that verify the certificate presented by the server in SSL connection. title: |- A location of the trust store file. type: string title: |- KeyStoreInfo type: object x-vmw-nsx-module: NsxDashboard KeyValue: properties: key: description: |- Key name. readOnly: false type: string value: description: |- Key value. readOnly: false type: string required: - value - key type: object x-vmw-nsx-module: CertificateManager KeyValuePair: description: |- An arbitrary key-value pair properties: key: description: |- Key maxLength: 255 readOnly: false title: |- Key type: string value: description: |- Value maxLength: 255 readOnly: false title: |- Value type: string required: - value - key title: |- An arbitrary key-value pair type: object x-vmw-nsx-module: Common KubeconfigInfo: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: bundle_id: description: |- Bundle id of uploaded file. title: |- Bundle id type: string cluster: description: |- Kubernetes cluster to be used for deployment. title: |- Kubernetes cluster type: string connection_status: default: false description: |- Show whether connection to Kubernetes cluster is available or not. title: |- Kubernetes connection status type: boolean current_context: description: | Kubernetes cluster current context to be used for NSX Application Platform deployment. title: |- Kubernetes cluster current context type: string expiry: description: |- Date and time when Kubernetes cluster user token is going to expire. format: int64 type: integer name: description: |- Kubeconfig file name title: |- Kubeconfig file name type: string namespace: description: | Kubernetes cluster namespace to be used for NSX Application Platform deployment. title: |- Kubernetes cluster namespace type: string server: description: |- Kubernetes api server url. title: |- Server url type: string user: description: |- User name to access Kubernetes cluster. title: |- User name type: string type: object x-vmw-nsx-module: PolicyCloudNative description: |- Infromation about kubeconfig file. title: |- Infromation about kubeconfig file x-vmw-nsx-module: PolicyCloudNative KubernetesToolsInfo: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: client_version: description: |- kubectl client version. title: |- Client version type: string compatible: default: true description: |- Show compatibility flag, whether kubectl client version is compatible with Kubernetes api server version. kubectl is supported within one minor version (older or newer) of kube-apiserver. title: |- Kubectl compatibility type: boolean server_version: description: |- Kubernetes api server version. title: |- Server version type: string type: object x-vmw-nsx-module: PolicyCloudNative description: | Information about Kubernetes tools like kubectl client and server versions. title: |- Information about Kubernetes tools x-vmw-nsx-module: PolicyCloudNative L2AutoRD: description: |- Layer 2 Auto assigned Route Distinguisher properties: l2_auto_rd: description: |- Layer 2 auto assigned route distinghusher title: |- Layer 2 auto assigned route distinghusher type: string l2_vni: description: |- Layer 2 Virtual Network Interface title: |- Layer 2 Virtual Network Interface type: string title: |- Layer 2 Auto assigned Route Distinguisher type: object x-vmw-nsx-module: PolicyConnectivityStatistics L2BridgeEndpointProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: edge_paths: description: |- List of policy paths to edge nodes. Edge allocation for L2 bridging. items: type: string maxItems: 2 minItems: 1 title: |- List of path of Edge nodes type: array failover_mode: default: PREEMPTIVE description: |- Failover mode for the edge bridge cluster enum: - PREEMPTIVE - NON_PREEMPTIVE title: |- Failover mode for the edge bridge cluster type: string ha_mode: default: ACTIVE_STANDBY description: |- High avaialability mode can be active-active or active-standby. High availability mode cannot be modified after realization. enum: - ACTIVE_STANDBY title: |- High availability mode for the edge bridge cluster type: string type: object x-vmw-nsx-module: PolicyConnectivity description: |- Used to configure L2 Bridge endpoint profile title: |- Layer 2 Bridge Endpoint Profile x-vmw-nsx-module: PolicyConnectivity L2BridgeEndpointProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- L2BridgeEndpointProfile list results items: $ref: '#/definitions/L2BridgeEndpointProfile' title: |- L2BridgeEndpointProfile list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged Collection of L2BridgeEndpointProfile title: |- Paged Collection of L2BridgeEndpointProfile x-vmw-nsx-module: PolicyConnectivity L2Extension: description: |- Segment specific L2 VPN configuration properties: l2vpn_path: description: | This property has been deprecated. Please use the property l2vpn_paths for setting the paths of associated L2 VPN session. This property will continue to work as expected to provide backwards compatibility. However, when both l2vpn_path and l2vpn_paths properties are specified, only l2vpn_paths is used. title: |- Policy path of associated L2 VPN session type: string x-deprecated: true l2vpn_paths: description: | Policy paths corresponding to the associated L2 VPN sessions items: type: string title: |- Policy paths of associated L2 VPN sessions type: array local_egress: $ref: '#/definitions/LocalEgress' tunnel_id: description: |- Tunnel ID format: int32 maximum: 4093 minimum: 1 title: |- Tunnel ID type: integer title: |- Segment specific L2 VPN configuration type: object x-vmw-nsx-module: PolicyConnectivity L2ForwarderRemoteMacsPerSite: properties: remote_active_ips: description: |- Remote active IP addresses. items: description: |- IPv4 or IPv6 address format: ip type: string readOnly: true title: |- Remote active IPs type: array remote_mac_addresses: description: |- Remote mac addresses. items: type: string readOnly: true title: |- Remote mac addresses type: array remote_site: $ref: '#/definitions/ResourceReference' remote_standby_ips: description: |- Remote standby IP addresses. items: description: |- IPv4 or IPv6 address format: ip type: string readOnly: true title: |- Remote standby IPs type: array rtep_group_id: description: | 32 bit unique RTEP group id of the logical switch per site. format: int64 readOnly: true title: |- RTEP group id of logical switch per site type: integer type: object x-vmw-nsx-module: AggSvcL2Forwarder L2ForwarderStatusPerNode: properties: high_availability_status: description: | High Availability status of a service router on the edge node. enum: - ACTIVE - STANDBY - DOWN - SYNC - UNKNOWN readOnly: true title: |- Service router's HA status type: string transport_node: $ref: '#/definitions/ResourceReference' type: object x-vmw-nsx-module: AggSvcL2Forwarder L2TcpMaxSegmentSizeClamping: description: |- TCP MSS Clamping Direction and Value. properties: direction: default: BOTH description: | Specifies the traffic direction for which to apply MSS Clamping. enum: - NONE - BOTH title: |- Maximum Segment Size Clamping Direction type: string max_segment_size: description: | MSS defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is an optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 108 to 8852. format: int64 maximum: 8860 minimum: 108 title: |- Maximum Segment Size Value type: integer title: |- TCP MSS Clamping type: object x-vmw-nsx-module: PolicyVpnLayer2VPN L2VPNService: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enable_hub: default: false description: | This property applies only in SERVER mode. If set to true, traffic from any client will be replicated to all other clients. If set to false, traffic received from clients is only replicated to the local VPN endpoint. title: |- Enable spoke to spoke (client) forwarding via hub (server) type: boolean encap_ip_pool: description: | IP Pool to allocate local and peer endpoint IPs for L2VpnSession logical tap. items: description: |- IPv4 CIDR Block format: ipv4-cidr-block type: string title: |- IP Pool for Logical Taps type: array mode: default: SERVER description: |- Specify an L2VPN service mode as SERVER or CLIENT. enum: - SERVER - CLIENT title: |- L2VPN Service Mode type: string type: object x-vmw-nsx-module: PolicyVpnLayer2VPN description: | L2VPN Service defines if service running as server or client. It also defines all the common properties for the multiple L2VPN Sessions associated with this service. title: |- L2VPN Service x-vmw-nsx-module: PolicyVpnLayer2VPN L2VPNServiceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- L2VPNService list results items: $ref: '#/definitions/L2VPNService' title: |- L2VPNService list results type: array required: - results type: object x-vmw-nsx-module: PolicyVpnLayer2VPN description: |- Paged Collection of L2VPNServices title: |- Paged Collection of L2VPNServices x-vmw-nsx-module: PolicyVpnLayer2VPN L2VPNSession: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enabled: default: true description: |- Enable to extend all the associated segments. title: |- Enable L2VPN session type: boolean tcp_mss_clamping: $ref: '#/definitions/L2TcpMaxSegmentSizeClamping' transport_tunnels: description: |- List of transport tunnels for redundancy. items: type: string maxItems: 1 minItems: 1 title: |- List of transport tunnels type: array tunnel_encapsulation: $ref: '#/definitions/L2VPNTunnelEncapsulation' required: - transport_tunnels type: object x-vmw-nsx-module: PolicyVpnLayer2VPN description: | Defines the tunnel local and peer addresses along with multiple tansport tunnels for redundancy. L2VPNSession belongs to only one L2VPNService. title: |- L2VPN Session x-vmw-nsx-module: PolicyVpnLayer2VPN L2VPNSessionData: description: | L2VPN Session Data represents meta data necessary to create the L2VPN Session. It is represented by an array of peer code for each tunnel. properties: description: description: |- Description of L2VPN Session maxLength: 1024 title: |- Description of L2VPN Session type: string display_name: description: |- Defaults to id if not set. maxLength: 255 title: |- Identifier to use when displaying L2VPN Session type: string enabled: default: true description: |- Enable to extend all the associated segments. title: |- Enable L2VPN session type: boolean transport_tunnels: description: |- List of L2VPN transport tunnel data. items: $ref: '#/definitions/L2VPNSessionTransportTunnelData' maxItems: 1 minItems: 1 title: |- List of L2VPN Transport Tunnel Data type: array title: |- L2VPN Session Data type: object x-vmw-nsx-module: PolicyVpnLayer2VPN L2VPNSessionListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- L2VPNSession list results items: $ref: '#/definitions/L2VPNSession' title: |- L2VPNSession list results type: array required: - results type: object x-vmw-nsx-module: PolicyVpnLayer2VPN description: |- Paged Collection of L2VPNSession title: |- Paged Collection of L2VPNSession x-vmw-nsx-module: PolicyVpnLayer2VPN L2VPNSessionPeerConfigNsxT: allOf: - $ref: '#/definitions/L2VPNSessionPeerConfigPerEP' - properties: peer_codes: description: |- List of peer codes per transport tunnel. items: $ref: '#/definitions/L2VPNSessionTransportTunnelPeerCode' maxItems: 1 minItems: 1 readOnly: true title: |- List of peer codes type: array type: object x-vmw-nsx-module: PolicyVpnLayer2VPN description: | L2VPNSessionPeerCodes represents an array of peer code for each tunnel. The peer code is necessary to configure the remote end of the tunnel. Currently only stand-along/unmanaged edge is supported on the remote end of the tunnel. title: |- Peer code to configure the other side of the tunnel x-vmw-nsx-module: PolicyVpnLayer2VPN L2VPNSessionPeerConfigPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: enum: - L2VPNSessionPeerConfigNsxT type: string required: - resource_type type: object x-vmw-nsx-module: PolicyVpnLayer2VPN description: | Peer config per Enforcement Point to configure the other side of the tunnel. title: |- Peer config per Enforcement Point x-vmw-nsx-module: PolicyVpnLayer2VPN L2VPNSessionStatisticsNsxT: allOf: - $ref: '#/definitions/L2VPNSessionStatisticsPerEP' - properties: display_name: description: |- Display name of l2vpn session. readOnly: true title: |- Display name type: string tap_traffic_counters: description: |- Tunnel port traffic counters. items: $ref: '#/definitions/L2VPNTapStatistics' readOnly: true title: |- Tunnel port traffic counters type: array traffic_statistics_per_segment: description: |- Traffic statistics per segment. items: $ref: '#/definitions/L2VPNTrafficStatisticsPerSegment' readOnly: true title: |- Traffic statistics per segment type: array type: object x-vmw-nsx-module: PolicyVpnStats description: | L2VPN session statistics gives session status and traffic statistics per segment. title: |- L2VPN session statistics x-vmw-nsx-module: PolicyVpnStats L2VPNSessionStatisticsPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: enum: - L2VPNSessionStatisticsNsxT type: string required: - resource_type type: object x-vmw-nsx-module: PolicyVpnStats description: | L2VPN Session Statistics Per Enforcement Point. title: |- L2VPN Session Statistics Per Enforcement Point x-vmw-nsx-module: PolicyVpnStats L2VPNSessionStatusNsxT: allOf: - $ref: '#/definitions/L2VPNSessionStatusPerEP' - properties: display_name: description: |- Display name of l2vpn session. readOnly: true title: |- Display name type: string runtime_status: description: |- L2 VPN session status, specifies UP/DOWN. enum: - UP - DOWN readOnly: true title: |- L2 VPN session status type: string transport_tunnels: description: |- Transport tunnels status. items: $ref: '#/definitions/L2VPNSessionTransportTunnelStatus' readOnly: true title: |- Transport tunnels status type: array type: object x-vmw-nsx-module: PolicyVpnStats description: | L2VPN Session Status represents status on an NSX-T type of enforcement point. title: |- L2VPN session status summary x-vmw-nsx-module: PolicyVpnStats L2VPNSessionStatusPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: enum: - L2VPNSessionStatusNsxT type: string required: - resource_type type: object x-vmw-nsx-module: PolicyVpnStats description: | L2VPN Session Status Per Enforcement Point. title: |- L2VPN Session Status Per Enforcement Point x-vmw-nsx-module: PolicyVpnStats L2VPNSessionTransportTunnelData: description: | L2VPN Session Transport Tunnel Data uses a peer code which has all the information to create the transport tunnel. properties: local_address: description: |- IPv4 Address of local endpoint. format: ipv4 type: string peer_address: description: |- IPv4 Address of Peer endpoint on remote site. format: ipv4 type: string peer_code: description: | Peer code represents a base64 encoded string which has all the configuration for tunnel. E.g local/peer ips and protocol, encryption algorithm, etc. Peer code also contains PSK; be careful when sharing or storing it. title: |- Peer code for the transport tunnel type: string required: - local_address - peer_address title: |- L2VPN Session Transport Tunnel Data type: object x-vmw-nsx-module: PolicyVpnLayer2VPN L2VPNSessionTransportTunnelPeerCode: description: |- L2VPN transport tunnel peer code. properties: peer_code: description: | Peer code represents a base64 encoded string which has all the configuration for tunnel. E.g local/peer ips and protocol, encryption algorithm, etc. Peer code also contains PSK; be careful when sharing or storing it. readOnly: true title: |- Peer code for the transport tunnel type: string transport_tunnel_path: description: |- Policy Path referencing the transport tunnel. readOnly: true title: |- Policy Path referencing the transport tunnel. type: string title: |- L2VPN Transport Tunnel Peer Code type: object x-vmw-nsx-module: PolicyVpnLayer2VPN L2VPNSessionTransportTunnelStatus: description: |- Transport tunnel status. discriminator: resource_type properties: resource_type: enum: - IPSecVpnTransportStatus type: string transport_tunnel_path: description: |- Policy path referencing Transport Tunnel. readOnly: true title: |- Policy path referencing Transport Tunnel type: string required: - resource_type title: |- Transport tunnel status type: object x-vmw-nsx-module: PolicyVpnStats L2VPNTapStatistics: description: | TAP (Terminal access point) traffic statistics for L2VPN. properties: bytes_in: description: | Total number of incoming bytes. format: int64 readOnly: true title: |- Bytes in type: integer bytes_out: description: | Total number of outgoing bytes. format: int64 readOnly: true title: |- Bytes out type: integer packets_in: description: | Total number of incoming packets. format: int64 readOnly: true title: |- Packets in type: integer packets_out: description: | Total number of outgoing packets. format: int64 readOnly: true title: |- Packets out type: integer packets_receive_error: description: | Total number of incoming packets dropped. format: int64 readOnly: true title: |- packets recieved error type: integer packets_sent_error: description: | Total number of packets dropped while sending for any reason. format: int64 readOnly: true title: |- Packets sent error type: integer title: |- L2VPN TAP (Terminal access point) traffic statistics type: object x-vmw-nsx-module: PolicyVpnStats L2VPNTrafficStatisticsPerSegment: description: |- Traffic statistics for a segment. properties: bum_bytes_in: description: | Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) bytes. format: int64 readOnly: true title: |- Broadcast, Unknown unicast and Multicast (BUM) bytes in type: integer bum_bytes_out: description: | Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) bytes. format: int64 readOnly: true title: |- Broadcast, Unknown unicast and Multicast (BUM) bytes out type: integer bum_packets_in: description: | Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) packets. format: int64 readOnly: true title: |- Broadcast, Unknown unicast and Multicast (BUM) packets in type: integer bum_packets_out: description: | Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) packets. format: int64 readOnly: true title: |- Broadcast, Unknown unicast and Multicast (BUM) packets out type: integer bytes_in: description: | Total number of incoming bytes. format: int64 readOnly: true title: |- Bytes in type: integer bytes_out: description: | Total number of outgoing bytes. format: int64 readOnly: true title: |- Bytes out type: integer packets_in: description: | Total number of incoming packets. format: int64 readOnly: true title: |- Packets in type: integer packets_out: description: | Total number of outgoing packets. format: int64 readOnly: true title: |- Packets out type: integer packets_receive_error: description: | Total number of incoming packets dropped. format: int64 readOnly: true title: |- Packets received error type: integer packets_sent_error: description: | Total number of packets dropped while sending for any reason. format: int64 readOnly: true title: |- Packets sent error type: integer segment_path: description: | Policy path referencing the segment on which stats are gathered. readOnly: true title: |- Segment Path type: string title: |- Traffic statistics per segment type: object x-vmw-nsx-module: PolicyVpnStats L2VPNTunnelEncapsulation: description: |- L2VPN tunnel encapsulation config. properties: local_endpoint_address: description: | IP Address of the local tunnel port. This property only applies in CLIENT mode. format: ipv4 readOnly: true type: string peer_endpoint_address: description: | IP Address of the peer tunnel port. This property only applies in CLIENT mode. format: ipv4 readOnly: true type: string protocol: default: GRE description: |- Encapsulation protocol used by the tunnel. enum: - GRE readOnly: true title: |- Encapsulation protocol type: string title: |- L2VPN Tunnel Encapsulation type: object x-vmw-nsx-module: PolicyVpnLayer2VPN L2Vpn: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enabled: default: true description: | Enable to extend all the associated segments. title: |- Enable L2Vpn type: boolean transport_tunnels: description: | List of paths referencing transport tunnels. items: type: string maxItems: 1 minItems: 1 title: |- List of paths referencing transport tunnels type: array required: - transport_tunnels type: object x-vmw-nsx-module: PolicyL2Vpn description: | Contains information necessary to configure L2Vpn. title: |- L2 Virtual Private Network Configuration x-vmw-nsx-module: PolicyL2Vpn L2VpnContext: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enable_hub: default: false description: | If enabled, the tier-0 acts as a Hub and replicates traffic received from peer to all other peers. If disabled, the tier-0 acts as a Spoke and replicates only the local. title: |- Enable to act as hub type: boolean type: object x-vmw-nsx-module: PolicyL2Vpn description: | L2Vpn Context provides meta-data information about the parent Tier-0. title: |- L2Vpn Context x-vmw-nsx-module: PolicyL2Vpn L2VpnListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- L2Vpn list results items: $ref: '#/definitions/L2Vpn' title: |- L2Vpn list results type: array required: - results type: object x-vmw-nsx-module: PolicyL2Vpn description: |- Paged Collection of L2Vpns title: |- Paged Collection of L2Vpns x-vmw-nsx-module: PolicyL2Vpn L2VpnPeerCodes: allOf: - $ref: '#/definitions/L2VpnPeerConfigPerEnforcementPoint' - properties: peer_codes: description: |- List of peer codes per transport tunnel. items: $ref: '#/definitions/L2VpnTransportTunnelPeerCode' maxItems: 1 minItems: 1 title: |- List of peer codes type: array required: - peer_codes type: object x-vmw-nsx-module: PolicyL2Vpn description: | Get the peer_code for each tunnel to paste on the remote end of the tunnel. Currently only stand-along/unmanaged edge is supported on the remote end of the tunnel. title: |- Peer code to configure the other side of the tunnel x-vmw-nsx-module: PolicyL2Vpn L2VpnPeerConfigPerEnforcementPoint: description: | Peer config per Enforcement Point to configure the other side of the tunnel. discriminator: resource_type properties: enforcement_point_path: description: | Policy Path referencing the enforcement point to which the config belongs. readOnly: true title: |- Enforcement point Path type: string resource_type: enum: - L2VpnPeerCodes type: string required: - resource_type title: |- Peer config per Enforcement Point type: object x-vmw-nsx-module: PolicyL2Vpn L2VpnPerSegmentTrafficStatistics: description: |- Traffic statistics for a segment. properties: bum_bytes_in: description: | Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) bytes. format: int64 readOnly: true title: |- Broadcast, Unknown unicast and Multicast (BUM) bytes in type: integer bum_bytes_out: description: | Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) bytes. format: int64 readOnly: true title: |- Broadcast, Unknown unicast and Multicast (BUM) bytes out type: integer bum_packets_in: description: | Total number of incoming Broadcast, Unknown unicast and Multicast (BUM) packets. format: int64 readOnly: true title: |- Broadcast, Unknown unicast and Multicast (BUM) packets in type: integer bum_packets_out: description: | Total number of outgoing Broadcast, Unknown unicast and Multicast (BUM) packets. format: int64 readOnly: true title: |- Broadcast, Unknown unicast and Multicast (BUM) packets out type: integer bytes_in: description: | Total number of incoming bytes. format: int64 readOnly: true title: |- Bytes in type: integer bytes_out: description: | Total number of outgoing bytes. format: int64 readOnly: true title: |- Bytes out type: integer packets_in: description: | Total number of incoming packets. format: int64 readOnly: true title: |- Packets in type: integer packets_out: description: | Total number of outgoing packets. format: int64 readOnly: true title: |- Packets out type: integer packets_receive_error: description: | Total number of incoming packets dropped. format: int64 readOnly: true title: |- Packets received error type: integer packets_sent_error: description: | Total number of packets dropped while sending for any reason. format: int64 readOnly: true title: |- Packets sent error type: integer segment_path: description: | Policy path referencing the segment on which stats are gathered. readOnly: true title: |- Segment Path type: string title: |- Traffic statistics per segment type: object x-vmw-nsx-module: PolicyVPNStatistics L2VpnSessionRemoteMacForSegment: description: |- Remote MAC addresses for logical switch. properties: remote_mac_addresses: description: |- Remote Mac addresses. items: type: string readOnly: true title: |- Mac addresses type: array segment_path: description: |- Intent path of the segment. title: |- Segment Path type: string required: - segment_path title: |- Remote MAC addresses for logical switch type: object x-vmw-nsx-module: PolicyVPNStatistics L2VpnSessionRemoteMacNsxT: allOf: - $ref: '#/definitions/L2VpnSessionRemoteMacPerEP' - properties: display_name: description: | Display name of L2Vpn session. readOnly: true title: |- Display Name type: string remote_macs: description: | List of mac addresses of logical switches for an l2vpn session. items: $ref: '#/definitions/L2VpnSessionRemoteMacForSegment' readOnly: true title: |- Remote mac addresses type: array type: object x-vmw-nsx-module: PolicyVPNStatistics description: | Remote Macs of L2Vpn Session on NsxT. title: |- L2Vpn session Remote Mac x-vmw-nsx-module: PolicyVPNStatistics L2VpnSessionRemoteMacPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: enum: - L2VpnSessionRemoteMacNsxT type: string required: - resource_type type: object x-vmw-nsx-module: PolicyVPNStatistics description: | L2Vpn Session Remote Macs Per Enforcement Point. title: |- L2Vpn Session Remote Macs Per EP x-vmw-nsx-module: PolicyVPNStatistics L2VpnSessionStatistics: allOf: - $ref: '#/definitions/L2VpnStatisticsPerEnforcementPoint' - properties: tap_traffic_counters: description: |- Tunnel port traffic counters. items: $ref: '#/definitions/L2VpnTapTrafficStatistics' readOnly: true title: |- Tunnel port traffic counters type: array traffic_statistics_per_segment: description: |- Traffic statistics per segment. items: $ref: '#/definitions/L2VpnPerSegmentTrafficStatistics' readOnly: true title: |- Traffic statistics per segment type: array type: object x-vmw-nsx-module: PolicyVPNStatistics description: | Session statistics gives VPN session status and traffic statistics per segment. title: |- L2Vpn session statistics x-vmw-nsx-module: PolicyVPNStatistics L2VpnStatisticsPerEnforcementPoint: description: | L2Vpn Statistics Per Enforcement Point. discriminator: resource_type properties: enforcement_point_path: description: | Policy Path referencing the enforcement point wehere the statistics are fetched. readOnly: true title: |- Enforcement point Path type: string resource_type: enum: - L2VpnSessionStatistics type: string required: - resource_type title: |- L2Vpn Statistics Per Enforcement Point type: object x-vmw-nsx-module: PolicyVPNStatistics L2VpnTapTrafficStatistics: description: | TAP (Terminal access point) traffic statistics for L2Vpn. properties: bytes_in: description: | Total number of incoming bytes. format: int64 readOnly: true title: |- Bytes in type: integer bytes_out: description: | Total number of outgoing bytes. format: int64 readOnly: true title: |- Bytes out type: integer packets_in: description: | Total number of incoming packets. format: int64 readOnly: true title: |- Packets in type: integer packets_out: description: | Total number of outgoing packets. format: int64 readOnly: true title: |- Packets out type: integer packets_receive_error: description: | Total number of incoming packets dropped. format: int64 readOnly: true title: |- packets recieved error type: integer packets_sent_error: description: | Total number of packets dropped while sending for any reason. format: int64 readOnly: true title: |- Packets sent error type: integer title: |- L2Vpn TAP (Terminal access point) traffic statistics type: object x-vmw-nsx-module: PolicyVPNStatistics L2VpnTransportTunnelPeerCode: description: | L2Vpn transport tunnel peer code. properties: peer_code: description: | Copy this code to paste on the remote end of the tunnel. This is a base64 encoded string which has all the configuration for tunnel. E.g local/remote ips and protocol, encryption algorithm, etc. Peer code also contains PSK; be careful when sharing or storing it. title: |- Peer code for the transport tunnel type: string transport_tunnel_path: description: |- Policy path referencing the transport tunnel. title: |- Policy path referencing the transport tunnel type: string required: - peer_code - transport_tunnel_path title: |- L2Vpn Transport Tunnel Peer Code type: object x-vmw-nsx-module: PolicyL2Vpn L3Vpn: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: dh_groups: description: | Diffie-Hellman group to be used if PFS is enabled. Default group is GROUP14. items: description: | Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. enum: - GROUP2 - GROUP5 - GROUP14 - GROUP15 - GROUP16 type: string maxItems: 1 title: |- DH group type: array uniqueItems: true enable_perfect_forward_secrecy: default: true description: | If true, perfect forward secrecy (PFS) is enabled. title: |- Enable perfect forward secrecy type: boolean enabled: default: true description: | Flag to enable L3Vpn. Default is enabled. title: |- Enable L3Vpn type: boolean ike_digest_algorithms: description: | Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256. items: description: | The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation. SHA1 produces 160 bits hash and SHA2_256 produces 256 bit hash. enum: - SHA1 - SHA2_256 type: string maxItems: 1 title: |- Digest Algorithm for IKE type: array uniqueItems: true ike_encryption_algorithms: description: | Algorithm to be used during Internet Key Exchange(IKE) negotiation. Default is AES_128. items: description: | IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GMAC_128 uses 128-bit keys. AES_GMAC_192 uses 192-bit keys. AES_GMAC_256 uses 256-bit keys. enum: - AES_128 - AES_256 - AES_GCM_128 - AES_GCM_192 - AES_GCM_256 type: string maxItems: 1 title: |- Encryption algorithm for IKE type: array uniqueItems: true ike_version: default: IKE_V2 description: | IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2. enum: - IKE_V1 - IKE_V2 - IKE_FLEX type: string l3vpn_session: $ref: '#/definitions/L3VpnSession' local_address: description: |- IPv4 address of local gateway format: ipv4 type: string passphrases: description: | List of IPSec pre-shared keys used for IPSec authentication. If not specified, the older passphrase values are retained if there are any. items: type: string maxItems: 1 title: |- List of IPSec pre-shared keys type: array uniqueItems: true remote_private_address: description: | This field is used to resolve conflicts in case of a remote site being behind NAT as remote public ip address is not enough. If it is not the case the remote public address should be provided here. If not provided, the value of this field is set to remote_public_address. title: |- Identifier of the remote site type: string remote_public_address: description: |- Public IPv4 address of remote gateway format: ipv4 type: string tunnel_digest_algorithms: description: | Algorithm to be used for message digest during tunnel establishment. Default algorithm is empty. items: description: | The TunnelDigestAlgorithms are used to verify message integrity during tunnel establishment. SHA1 produces 160 bits hash and SHA2_256 produces 256 bit hash. enum: - SHA1 - SHA2_256 type: string maxItems: 1 title: |- Digest Algorithm for Tunnel Establishment type: array uniqueItems: true tunnel_encryption_algorithms: description: | Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128. items: description: | TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication. enum: - AES_128 - AES_256 - AES_GCM_128 - AES_GCM_192 - AES_GCM_256 type: string maxItems: 1 title: |- Encryption algorithm for Tunnel Establishement type: array uniqueItems: true required: - local_address - remote_public_address - l3vpn_session type: object x-vmw-nsx-module: PolicyL3Vpn description: | Contains information necessary to configure IPSec VPN. title: |- L3 Virtual Private Network Configuration x-vmw-nsx-module: PolicyL3Vpn L3VpnContext: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: available_local_addresses: description: | Local gateway IPv4 addresses available for configuration of each L3Vpn. items: $ref: '#/definitions/PolicyIPAddressInfo' title: |- IPv4 addresses of the local gateway type: array uniqueItems: true bypass_rules: description: | Bypass L3Vpn rules that will be shared across L3Vpns. Only Bypass action is supported on these L3Vpn rules. items: $ref: '#/definitions/L3VpnRule' title: |- List of Bypass L3VpnRules type: array uniqueItems: true enabled: default: true description: | If true, enable L3Vpn Service for given tier-0. Enabling/disabling this service affects all L3Vpns under the given tier-0. title: |- Enable L3 Virtual Private Network (VPN) service type: boolean ike_log_level: default: INFO description: | Log level for internet key exchange (IKE). enum: - DEBUG - INFO - WARN - ERROR - EMERGENCY title: |- Internet key exchange (IKE) log level type: string label: description: | Policy path referencing Label. A label is used as a mechanism to group route-based L3Vpns in order to apply edge firewall rules on members' VTIs. title: |- Policy path referencing Label type: string type: object x-vmw-nsx-module: PolicyL3Vpn description: | L3Vpn Context provides the configuration context that different L3Vpns can consume. title: |- L3Vpn Context x-vmw-nsx-module: PolicyL3Vpn L3VpnListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- L3Vpn list results items: $ref: '#/definitions/L3Vpn' title: |- L3Vpn list results type: array required: - results type: object x-vmw-nsx-module: PolicyL3Vpn description: |- Paged Collection of L3Vpns title: |- Paged Collection of L3Vpns x-vmw-nsx-module: PolicyL3Vpn L3VpnRule: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: action: default: PROTECT description: | Action to exchange data with or without protection. PROTECT - Allows to exchange data with ipsec protection. Protect rules are defined per L3Vpn. BYPASS - Allows to exchange data without ipsec protection. Bypass rules are defined per L3VpnContext and affects all policy based L3Vpns. Bypass rules are prioritized over protect rules. enum: - PROTECT - BYPASS title: |- Action to apply to the traffic transiting through the L3Vpn type: string destinations: description: | List of remote subnets used in policy-based L3Vpn. items: $ref: '#/definitions/L3VpnSubnet' maxItems: 128 minItems: 1 title: |- List of remote subnets type: array uniqueItems: true sequence_number: description: | This field is used to resolve conflicts between multiple L3VpnRules associated with a single L3Vpn or L3VpnContext. format: int32 title: |- Sequence number of the L3VpnRule type: integer sources: description: | List of local subnets used in policy-based L3Vpn. items: $ref: '#/definitions/L3VpnSubnet' maxItems: 128 minItems: 1 title: |- List of local subnets type: array uniqueItems: true required: - sources - destinations type: object x-vmw-nsx-module: PolicyL3Vpn description: | For policy-based L3Vpn sessions, a rule specifies as its action the vpn tunnel to be used for transit traffic that meets the rule's match criteria. title: |- L3Vpn Rule x-vmw-nsx-module: PolicyL3Vpn L3VpnSession: description: | Contains information about L3Vpn session. discriminator: resource_type properties: resource_type: description: | - A Policy Based L3Vpn is a configuration in which protect rules to match local and remote subnet needs to be defined. Tunnel is established for each pair of local and remote subnet defined in protect rules. - A Route Based L3Vpn is more flexible, more powerful and recommended over policy based. IP Tunnel subnet is created and all traffic routed through tunnel subnet (commonly known as VTI) is sent over tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using redundant L3Vpn. enum: - PolicyBasedL3VpnSession - RouteBasedL3VpnSession type: string required: - resource_type title: |- L3Vpn Session type: object x-vmw-nsx-module: PolicyL3Vpn L3VpnStatisticsPerEnforcementPoint: description: | L3Vpn Statistics Per Enforcement Point. discriminator: resource_type properties: enforcement_point_path: description: | Policy Path referencing the enforcement point wehere the statistics are fetched. readOnly: true title: |- Enforcement point Path type: string resource_type: enum: - IPSecVpnSessionStatistics type: string required: - resource_type title: |- L3Vpn Statistics Per Enforcement Point type: object x-vmw-nsx-module: PolicyVPNStatistics L3VpnSubnet: description: | Used to specify subnets in L3Vpn rule. properties: subnet: description: | Subnet used in L3Vpn Rule. format: ipv4-cidr-block type: string required: - subnet title: |- Subnet used in L3Vpn Rule type: object x-vmw-nsx-module: PolicyL3Vpn L4PortSetServiceEntry: allOf: - $ref: '#/definitions/ServiceEntry' - properties: destination_ports: description: | Number of values should not exceed 15, ranges count as 2 values. items: description: | Examples- Single port "8080", Range of ports "8090-8095" format: port-or-range type: string maxItems: 15 type: array l4_protocol: enum: - TCP - UDP type: string source_ports: description: | Number of values should not exceed 15, ranges count as 2 values. items: description: | Examples- Single port "8080", Range of ports "8090-8095" format: port-or-range type: string maxItems: 15 type: array required: - l4_protocol type: object x-vmw-nsx-module: Policy description: | L4PortSet can be specified in comma separated notation of parts. Parts of a L4PortSet includes single integer or range of port in hyphen notation. Example of a PortSet: "22, 33-70, 44". title: |- An ServiceEntry that represents TCP or UDP protocol x-vmw-nsx-module: Policy L7AccessAttributes: allOf: - $ref: '#/definitions/PolicyAttributes' - type: object x-vmw-nsx-module: L7AccessProfile description: | Supported Attribute Keys are APP_ID, URL_CATEGORY, URL_REPUTATION, CUSTOM_URL title: |- Policy Attributes data holder x-vmw-nsx-module: L7AccessProfile L7AccessEntry: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: action: description: |- The action to be applied to all the services. enum: - ALLOW - REJECT - REJECT_WITH_RESPONSE type: string attributes: description: |- Property containing attributes/sub-attributes for Policy L7 Access Profile. items: $ref: '#/definitions/L7AccessAttributes' maxItems: 1 title: |- Array of Policy L7 Access Profile attributes type: array disabled: default: false description: |- Flag to disable the entry. Default is enabled. readOnly: false title: |- Flag to disable the entry type: boolean logged: default: false description: |- Flag to enable packet logging. Default is disabled. readOnly: false title: |- Enable logging flag type: boolean sequence_number: description: | Determines the order of the entry in this profile. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. format: int32 title: |- Policy L7 Access Entry Order type: integer required: - action - attributes type: object x-vmw-nsx-module: L7AccessProfile description: | An entity that encapsulates attributes like APP_ID, CUSTOM_URL, URL_CATEGORY, URL_REPUTATION. title: |- Policy L7 Access entry x-vmw-nsx-module: L7AccessProfile L7AccessEntryListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- L7 access Entry list results items: $ref: '#/definitions/L7AccessEntry' title: |- L7 access Entry list results type: array required: - results type: object x-vmw-nsx-module: L7AccessProfile description: |- Paged Collection of l7 profile entries title: |- Paged Collection of l7 profile entries x-vmw-nsx-module: L7AccessProfile L7AccessProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: default_action: description: |- The action to be applied to all the services. enum: - ALLOW - REJECT - REJECT_WITH_RESPONSE type: string default_action_logged: default: false description: |- Flag to enable packet logging. Default is disabled. readOnly: false title: |- Enable default logging flag type: boolean entry_count: description: | The count of entries in the L7 profile. format: int32 readOnly: true title: |- Entry count type: integer l7_access_entries: description: | Property containing L7 access entries for Policy L7 Access Profile. items: $ref: '#/definitions/L7AccessEntry' maxItems: 1000 title: |- Array of Policy L7 Access Profile entries type: array required: - default_action type: object x-vmw-nsx-module: L7AccessProfile description: | An entity that encapsulates multiple L7 access profile entries. The entity wil be consumed in firewall rules and can be added in new tuple called profile in firewall rules. One of either Context Profile or L7 Access Profile can be used in firewall rule. title: |- Policy L7 Acces profile x-vmw-nsx-module: L7AccessProfile L7AccessProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Policy L7 Access profile list results items: $ref: '#/definitions/L7AccessProfile' title: |- Policy L7 Access profile list results type: array required: - results type: object x-vmw-nsx-module: L7AccessProfile description: |- Paged Collection of Policy L7 Access profiles title: |- Paged Collection of Policy L7 Access profiles x-vmw-nsx-module: L7AccessProfile LBAccessListControl: description: | LBAccessListControl is used to define how IP access list control can filter the connections from clients. properties: action: description: | ALLOW means connections matching grouping object IP list are allowed and requests not matching grouping object IP list are dropped. DROP means connections matching grouping object IP list are dropped and requests not matching grouping object IP list are allowed. enum: - ALLOW - DROP title: |- IP access list control action type: string enabled: default: false description: | The enabled flag indicates whether to enable access list control option. It is false by default. title: |- Whether to enable access list control option type: boolean group_path: description: | The path of grouping object which defines the IP addresses or ranges to match the client IP. title: |- Grouping object path type: string required: - action - group_path title: |- IP access list control to filter the connections from clients type: object x-vmw-nsx-module: PolicyLoadBalancer LBActiveMonitor: allOf: - $ref: '#/definitions/LBMonitorProfile' - properties: fall_count: default: 3 description: | Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN. format: int64 maximum: 2147483647 minimum: 1 title: |- Monitor fall count for active healthchecks type: integer interval: default: 5 description: | Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group. format: int64 maximum: 2147483647 minimum: 1 title: |- Monitor interval in seconds for active healthchecks type: integer monitor_port: description: | Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required. format: int32 maximum: 65535 minimum: 0 title: |- Monitor port for active healthchecks type: integer rise_count: default: 3 description: | Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state. format: int64 maximum: 2147483647 minimum: 1 title: |- Monitor rise count for active healthchecks type: integer timeout: default: 5 description: | Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. format: int64 maximum: 2147483647 minimum: 1 title: |- Monitor timeout in seconds for active healthchecks type: integer type: object x-vmw-nsx-module: PolicyLoadBalancer description: | All the active types of LBMonitorProfile extend from this abstract class. This is present for extensibility. title: |- Base class for each type of active LBMonitorProfile x-vmw-nsx-module: PolicyLoadBalancer LBAppProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: resource_type: description: | An application profile can be bound to a virtual server to specify the application protocol characteristics. It is used to influence how load balancing is performed. Currently, three types of application profiles are supported: LBFastTCPProfile, LBFastUDPProfile and LBHttpProfile. LBFastTCPProfile or LBFastUDPProfile is typically used when the application is using a custom protocol or a standard protocol not supported by the load balancer. It is also used in cases where the user only wants L4 load balancing mainly because L4 load balancing has much higher performance and scalability, and/or supports connection mirroring. LBHttpProfile is used for both HTTP and HTTPS applications. Though application rules, if bound to the virtual server, can be used to accomplish the same goal, LBHttpProfile is intended to simplify enabling certain common use cases. LBHttpProfile is deprecated as NSX-T Load Balancer is deprecated. enum: - LBHttpProfile - LBFastTcpProfile - LBFastUdpProfile type: string required: - resource_type type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- App profile. title: |- App profile x-vmw-nsx-module: PolicyLoadBalancer LBAppProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- LBAppProfile list results items: $ref: '#/definitions/LBAppProfile' title: |- LBAppProfile list results type: array required: - results type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Paged Collection of LBAppProfile title: |- Paged Collection of LBAppProfile x-vmw-nsx-module: PolicyLoadBalancer LBClientCertificateIssuerDnCondition: description: |- Match condition for client certficate issuer DN. properties: case_sensitive: default: true description: | If true, case is significant when comparing issuer DN value. title: |- A case sensitive flag for issuer DN comparing type: boolean issuer_dn: description: |- Value of issuer DN. title: |- Value of issuer DN type: string match_type: default: REGEX description: |- Match type of issuer DN. enum: - STARTS_WITH - ENDS_WITH - EQUALS - CONTAINS - REGEX type: string required: - issuer_dn title: |- Match condition for client certficate issuer DN type: object x-vmw-nsx-module: PolicyLoadBalancer LBClientCertificateSubjectDnCondition: description: |- Match condition for client certficate subject DN. properties: case_sensitive: default: true description: | If true, case is significant when comparing subject DN value. title: |- A case sensitive flag for subject DN comparing type: boolean match_type: default: REGEX description: |- Match type of subject DN. enum: - STARTS_WITH - ENDS_WITH - EQUALS - CONTAINS - REGEX type: string subject_dn: description: |- Value of subject DN. title: |- Value of subject DN type: string required: - subject_dn title: |- Match condition for client certficate subject DN type: object x-vmw-nsx-module: PolicyLoadBalancer LBClientSslProfile: allOf: - $ref: '#/definitions/LBSslProfile' - properties: cipher_group_label: description: | It is a label of cipher group which is mostly consumed by GUI. enum: - BALANCED - HIGH_SECURITY - HIGH_COMPATIBILITY - CUSTOM type: string ciphers: description: |- Supported SSL cipher list to client side. items: description: |- SSL cipher enum: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA - TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 type: string title: |- Supported SSL cipher list to client side type: array is_fips: description: | This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant.. readOnly: true title: |- FIPS compliance of ciphers and protocols type: boolean is_secure: description: | This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. readOnly: true title: |- Secure/Insecure SSL profile flag type: boolean prefer_server_ciphers: default: true description: | During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference. title: |- Prefer server ciphers flag type: boolean protocols: description: | SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. items: description: |- SSL protocol enum: - SSL_V2 - SSL_V3 - TLS_V1 - TLS_V1_1 - TLS_V1_2 type: string title: |- Supported SSL protocol list to client side type: array session_cache_enabled: default: true description: | SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. title: |- Session cache enable/disable flag type: boolean session_cache_timeout: default: 300 description: | Session cache timeout specifies how long the SSL session parameters are held on to and can be reused. format: int64 maximum: 86400 minimum: 1 title: |- SSL session cache timeout value type: integer type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Client SSL profile. LBClientSslProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- Client SSL profile x-vmw-nsx-module: PolicyLoadBalancer LBClientSslProfileBinding: description: | Client SSL profile binding. LBClientSslProfileBinding is deprecated as NSX-T Load Balancer is deprecated. properties: certificate_chain_depth: default: 3 description: | Authentication depth is used to set the verification depth in the client certificates chain. format: int64 maximum: 2147483647 minimum: 1 title: |- The maximum traversal depth of client certificate chain type: integer client_auth: default: IGNORE description: |- Client authentication mode. enum: - REQUIRED - IGNORE type: string client_auth_ca_paths: description: | If client auth type is REQUIRED, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified. items: type: string title: |- CA path list to verify client certificate type: array client_auth_crl_paths: description: | A Certificate Revocation List (CRL) can be specified in the client-side SSL profile binding to disallow compromised client certificates. items: type: string title: |- CRL path list to verify client certificate type: array default_certificate_path: description: | A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension. title: |- Default service certificate identifier type: string sni_certificate_paths: description: | Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server. items: type: string title: |- SNI certificate path list type: array ssl_profile_path: description: | Client SSL profile defines reusable, application-independent client side SSL properties. title: |- Client SSL profile path type: string required: - default_certificate_path title: |- Client SSL profile binding type: object x-vmw-nsx-module: PolicyLoadBalancer LBClientSslProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paginated list of load balancer client SSL profiles items: $ref: '#/definitions/LBClientSslProfile' title: |- Paginated list of load balancer client SSL profiles type: array required: - results type: object x-vmw-nsx-module: PolicyLoadBalancer x-vmw-nsx-module: PolicyLoadBalancer LBConnectionDropAction: allOf: - $ref: '#/definitions/LBRuleAction' - type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to drop the connections. There is no extra propery in this action. If there is no match condition specified, the connection will be always dropped. This action can be specified at HTTP_ACCESS or HTTP_FORWARDING pahse. title: |- Action to drop connections x-vmw-nsx-module: PolicyLoadBalancer LBCookiePersistenceProfile: allOf: - $ref: '#/definitions/LBPersistenceProfile' - properties: cookie_domain: description: | HTTP cookie domain could be configured, only available for insert mode. title: |- Cookie domain type: string cookie_fallback: default: true description: | If fallback is true, once the cookie points to a server that is down (i.e. admin state DISABLED or healthcheck state is DOWN), then a new server is selected by default to handle that request. If fallback is false, it will cause the request to be rejected if cookie points to a server. title: |- Cookie persistence fallback type: boolean cookie_garble: default: true description: | If garble is set to true, cookie value (server IP and port) would be encrypted. If garble is set to false, cookie value would be plain text. title: |- Cookie persistence garble type: boolean cookie_httponly: default: false description: | If cookie httponly flag is true, it prevents a script running in the browser from accessing the cookie. Only available for insert mode. title: |- Cookie httponly flag type: boolean cookie_mode: default: INSERT description: |- Cookie persistence mode. enum: - INSERT - PREFIX - REWRITE type: string cookie_name: default: NSXLB description: |- Cookie name. title: |- Cookie name type: string cookie_path: description: | HTTP cookie path could be set, only available for insert mode. title: |- Cookie path type: string cookie_secure: default: false description: | If cookie secure flag is true, it prevents the browser from sending a cookie over http. The cookie is sent only over https. Only available for insert mode. title: |- Cookie secure flag type: boolean cookie_time: $ref: '#/definitions/LBCookieTime' type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBCookiePersistenceProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- LBPersistenceProflie using Cookies for L7 LBVirtualServer x-vmw-nsx-module: PolicyLoadBalancer LBCookieTime: description: |- Cookie time. discriminator: type properties: type: description: | Both session cookie and persistence cookie are supported, Use LbSessionCookieTime for session cookie time setting, Use LbPersistenceCookieTime for persistence cookie time setting enum: - LBSessionCookieTime - LBPersistenceCookieTime type: string required: - type title: |- Cookie time type: object x-vmw-nsx-module: PolicyLoadBalancer LBEdgeNodeUsage: allOf: - $ref: '#/definitions/LBNodeUsage' - properties: current_large_load_balancer_count: description: | The count of large load balancer services configured on the node. format: int64 readOnly: true title: |- The current large load balancer count type: integer current_load_balancer_credits: description: | The current load balancer credits means the current credits used on the node. For example, configuring a medium load balancer on a node consumes 10 credits. If there are 2 medium instances configured on a node, the current credit number is 2 * 10 = 20. format: int64 readOnly: true title: |- Current load balancer credits type: integer current_medium_load_balancer_count: description: | The count of medium load balancer services configured on the node. format: int64 readOnly: true title: |- The current medium load balancer count type: integer current_pool_count: description: | The count of pools configured on the node. format: int64 readOnly: true title: |- The current pool count. type: integer current_pool_member_count: description: | The count of pool members configured on the node. format: int64 readOnly: true title: |- The current pool member count type: integer current_small_load_balancer_count: description: | The count of small load balancer services configured on the node. format: int64 readOnly: true title: |- The current small load balancer count type: integer current_virtual_server_count: description: | The count of virtual servers configured on the node. format: int64 readOnly: true title: |- The current virtual server count type: integer current_xlarge_load_balancer_count: description: | The count of xlarge load balancer services configured on the node. format: int64 readOnly: true title: |- The current xlarge load balancer count type: integer edge_cluster_path: description: | The path of edge cluster which contains the edge node. readOnly: true title: |- The path of edge cluster type: string form_factor: description: | The form factor of the given edge node. enum: - SMALL_VIRTUAL_MACHINE - MEDIUM_VIRTUAL_MACHINE - LARGE_VIRTUAL_MACHINE - XLARGE_VIRTUAL_MACHINE - PHYSICAL_MACHINE readOnly: true title: |- The form factor of the given edge node type: string load_balancer_credit_capacity: description: | The load balancer credit capacity means the maximum credits which can be used for load balancer configuration for the given edge node. format: int64 readOnly: true title: |- Load balancer credit capacity type: integer pool_member_capacity: description: | Pool member capacity means maximum number of pool members which can be configured on the given edge node. format: int64 readOnly: true title: |- The pool member capacity type: integer remaining_large_load_balancer_count: description: | The remaining count of large load balancer services which can be configured on the given edge node. format: int64 readOnly: true title: |- The remaining large load balancer count type: integer remaining_medium_load_balancer_count: description: | The remaining count of medium load balancer services which can be configured on the given edge node. format: int64 readOnly: true title: |- The remaining medium load balancer count type: integer remaining_small_load_balancer_count: description: | The remaining count of small load balancer services which can be configured on the given edge node. format: int64 readOnly: true title: |- The remaining small load balancer count type: integer remaining_xlarge_load_balancer_count: description: | The remaining count of xlarge load balancer services which can be configured on the given edge node. format: int64 readOnly: true title: |- The remaining xlarge load balancer count type: integer severity: description: | The severity calculation is based on current credit usage percentage of load balancer for one node. enum: - GREEN - ORANGE - RED readOnly: true type: string usage_percentage: description: | The usage percentage of the edge node for load balancer. The value is the larger value between load balancer credit usage percentage and pool member usage percentage for the edge node. readOnly: true title: |- Usage percentage type: number type: object x-vmw-nsx-module: PolicyLBStatistics description: | The capacity contains basic information and load balancer entity usages and capacity for the given edge node. title: |- The load balancer usage for an edge node x-vmw-nsx-module: PolicyLBStatistics LBFastTcpProfile: allOf: - $ref: '#/definitions/LBAppProfile' - properties: close_timeout: default: 8 description: | It is used to specify how long a closing TCP connection (both FINs received or a RST is received) should be kept for this application before cleaning up the connection. format: int64 maximum: 60 minimum: 1 title: |- TCP connection idle timeout in seconds type: integer ha_flow_mirroring_enabled: default: false description: | If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node. title: |- Flow mirroring enabled flag type: boolean idle_timeout: default: 1800 description: | It is used to configure how long an idle TCP connection in ESTABLISHED state should be kept for this application before cleaning up. format: int64 maximum: 2147483647 minimum: 1 title: |- TCP connection idle timeout in seconds type: integer type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Fast TCP profile. title: |- Fast TCP profile x-vmw-nsx-module: PolicyLoadBalancer LBFastUdpProfile: allOf: - $ref: '#/definitions/LBAppProfile' - properties: flow_mirroring_enabled: default: false description: | If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node. title: |- Flow mirroring enabled flag type: boolean idle_timeout: default: 300 description: | Though UDP is a connectionless protocol, for the purposes of load balancing, all UDP packets with the same flow signature (source and destination IP/ports and IP protocol) received within the idle timeout period are considered to belong to the same connection and are sent to the same backend server. If no packets are received for idle timeout period, the connection (association between flow signature and the selected server) is cleaned up. format: int64 maximum: 2147483647 minimum: 1 title: |- UDP idle timeout in seconds type: integer type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Fast UDP profile. title: |- Fast UDP profile x-vmw-nsx-module: PolicyLoadBalancer LBGenericPersistenceProfile: allOf: - $ref: '#/definitions/LBPersistenceProfile' - properties: ha_persistence_mirroring_enabled: default: false description: | The mirroring enabled flag is to synchronize persistence entries. Persistence entries are not synchronized to the HA peer by default. title: |- Mirroring enabled flag type: boolean timeout: default: 300 description: | When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time. format: int64 maximum: 2147483647 minimum: 1 title: |- Persistence entry expiration time in seconds type: integer type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBGenericPersistenceProfile cannot be attached to virtual server directly, it can be specified in LB rule actions. In HTTP forwarding phase, the profile can be specified in LBVariablePersistenceOnAction. In HTTP response rewriting phase, the profile can be specified in LBVariablePersistenceLearnAction. LBGenericPersistenceProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- LB generic persistence profile x-vmw-nsx-module: PolicyLoadBalancer LBHttpMonitorProfile: allOf: - $ref: '#/definitions/LBActiveMonitor' - properties: request_body: description: | String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST. title: |- HTTP health check request body type: string request_headers: description: |- Array of HTTP request headers. items: $ref: '#/definitions/LbHttpRequestHeader' title: |- Array of HTTP request headers type: array request_method: default: GET description: |- The health check method for HTTP monitor type. enum: - GET - OPTIONS - POST - HEAD - PUT type: string request_url: default: / description: | For HTTP active healthchecks, the HTTP request url sent can be customized and can include query parameters. title: |- Customized HTTP request url for active health checks type: string request_version: default: HTTP_VERSION_1_1 description: |- HTTP request version. enum: - HTTP_VERSION_1_0 - HTTP_VERSION_1_1 type: string response_body: description: | If HTTP response body match string (regular expressions not supported) is specified (using LBHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful. title: |- Response body to match type: string response_status_codes: description: | The HTTP response status code should be a valid HTTP status code. items: format: int32 type: integer maxItems: 64 title: |- Array of single HTTP response status codes type: array type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over HTTP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBHttpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- LBMonitorProfile for active health checks over HTTP x-vmw-nsx-module: PolicyLoadBalancer LBHttpProfile: allOf: - $ref: '#/definitions/LBAppProfile' - properties: http_redirect_to: description: | If a website is temporarily down or has moved, incoming requests for that virtual server can be temporarily redirected to a URL. title: |- Http redirect static URL type: string http_redirect_to_https: default: false description: | Certain secure applications may want to force communication over SSL, but instead of rejecting non-SSL connections, they may choose to redirect the client automatically to use SSL. title: |- Flag to indicate whether enable HTTP-HTTPS redirect type: boolean idle_timeout: default: 15 description: | It is used to specify the HTTP application idle timeout, it means that how long the load balancer will keep the connection idle to wait for the client to send the next keep-alive request. It is not a TCP socket setting. format: int64 maximum: 5400 minimum: 1 title: |- HTTP application idle timeout in seconds type: integer ntlm: description: | NTLM is an authentication protocol that can be used over HTTP. If the flag is set to true, LB will use NTLM challenge/response methodology. This property is deprecated. Please use the property server_keep_alive in order to keep the backend server connection alive for the client connection. When create a new profile, if both ntlm and server_keep_alive are set as different values, ERROR will be reported. When update an existing profile, if either ntlm or server_keep_alive value is changed, both of them are updated with the changed value. title: |- NTLM support flag type: boolean x-deprecated: true request_body_size: description: | If it is not specified, it means that request body size is unlimited. format: int64 maximum: 2147483647 minimum: 1 title: |- Maximum size of the buffer used to store HTTP request body type: integer request_header_size: default: 1024 description: | A request with header equal to or below this size is guaranteed to be processed. A request with header larger than request_header_size will be processed up to 32K bytes on best effort basis. format: int64 minimum: 1 title: |- Maximum size of the buffer used to store HTTP request headers type: integer response_buffering: default: false description: | When buffering is disabled, the response is passed to a client synchronously, immediately as it is received. When buffering is enabled, LB receives a response from the backend server as soon as possible, saving it into the buffers. title: |- Enable or disable buffering of responses type: boolean response_header_size: default: 4096 description: | A response with header larger than response_header_size will be dropped. format: int64 maximum: 65536 minimum: 1 title: |- Maximum size of the buffer used to store HTTP response headers type: integer response_timeout: default: 60 description: "If server doesn\u2019t send any packet within this time, the\ \ connection is closed.\n" format: int64 maximum: 2147483647 minimum: 1 title: |- Maximum server idle time in seconds type: integer server_keep_alive: description: | If server_keep_alive is true, it means the backend connection will keep alive for the client connection. Every client connection is tied 1:1 with the corresponding server-side connection. If server_keep_alive is false, it means the backend connection won't keep alive for the client connection. If server_keep_alive is not specified for API input, its value in API output will be the same with the property ntlm. title: |- Server keep-alive flag type: boolean x_forwarded_for: description: | When X-Forwareded-For is configured, X-Forwarded-Proto and X-Forwarded-Port information is added automatically. The two additional header information can be also modified or deleted in load balancer rules. enum: - INSERT - REPLACE type: string type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Http profile. LBHttpProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- Http profile x-vmw-nsx-module: PolicyLoadBalancer LBHttpRedirectAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: redirect_status: description: |- HTTP response status code. title: |- HTTP response status code type: string redirect_url: description: |- The URL that the HTTP request is redirected to. title: |- The URL that the HTTP request is redirected to type: string required: - redirect_status - redirect_url type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to redirect HTTP request messages to a new URL. The reply_status value specified in this action is used as the status code of HTTP response message which is sent back to client (Normally a browser). The HTTP status code for redirection is 3xx, for example, 301, 302, 303, 307, etc. The redirect_url is the new URL that the HTTP request message is redirected to. Normally browser will send another HTTP request to the new URL after receiving a redirection response message. Captured variables and built-in variables can be used in redirect_url field. For example, to redirect all HTTP requests to HTTPS requests for a virtual server. We create an LBRule without any conditions, add an LBHttpRedirectAction to the rule. Set the redirect_url field of the LBHttpRedirectAction to: https://$_host$_request_uri And set redirect_status to "302", which means found. This rule will redirect all HTTP requests to HTTPS server port on the same host. title: |- Action to redirect HTTP request messages x-vmw-nsx-module: PolicyLoadBalancer LBHttpRejectAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: reply_message: description: |- Response message. title: |- Response message type: string reply_status: description: |- HTTP response status code. title: |- HTTP response status code type: string required: - reply_status type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to reject HTTP request messages. The specified reply_status value is used as the status code for the corresponding HTTP response message which is sent back to client (Normally a browser) indicating the reason it was rejected. Reference official HTTP status code list for your specific HTTP version to set the reply_status properly. LBHttpRejectAction does not support variables. title: |- Action to reject HTTP request messages x-vmw-nsx-module: PolicyLoadBalancer LBHttpRequestBodyCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: body_value: description: |- HTTP request body title: |- HTTP request body type: string case_sensitive: default: true description: | If true, case is significant when comparing HTTP body value. title: |- A case sensitive flag for HTTP body comparing type: boolean match_type: default: REGEX description: |- Match type of HTTP body enum: - STARTS_WITH - ENDS_WITH - EQUALS - CONTAINS - REGEX type: string required: - body_value type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match the message body of an HTTP request. Typically, only HTTP POST, PATCH, or PUT requests have request body. The match_type field defines how body_value field is used to match the body of HTTP requests. title: |- Condition to match content of HTTP request message body x-vmw-nsx-module: PolicyLoadBalancer LBHttpRequestCookieCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: case_sensitive: default: true description: | If true, case is significant when comparing cookie value. title: |- A case sensitive flag for cookie value comparing type: boolean cookie_name: description: |- Cookie name. title: |- Name of cookie type: string cookie_value: description: |- Cookie value. title: |- Value of cookie type: string match_type: default: REGEX description: |- Match type of cookie value. enum: - STARTS_WITH - ENDS_WITH - EQUALS - CONTAINS - REGEX type: string required: - cookie_name - cookie_value type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match HTTP request messages by cookie which is a specific type of HTTP header. The match_type and case_sensitive define how to compare cookie value. title: |- Condition to match HTTP request cookie x-vmw-nsx-module: PolicyLoadBalancer LBHttpRequestHeaderCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: case_sensitive: default: true description: | If true, case is significant when comparing HTTP header value. title: |- A case sensitive flag for HTTP header value comparing type: boolean header_name: default: Host description: |- Name of HTTP header title: |- Name of HTTP header type: string header_value: description: |- Value of HTTP header title: |- Value of HTTP header type: string match_type: default: REGEX description: |- Match type of HTTP header value enum: - STARTS_WITH - ENDS_WITH - EQUALS - CONTAINS - REGEX type: string required: - header_value type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match HTTP request messages by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP requests. The header_name field does not support match types. title: |- Condition to match HTTP request header x-vmw-nsx-module: PolicyLoadBalancer LBHttpRequestHeaderDeleteAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: header_name: description: |- Name of a header field of HTTP request message. title: |- Name of a header field of HTTP request message type: string required: - header_name type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to delete header fields of HTTP request messages at HTTP_REQUEST_REWRITE phase. One action can be used to delete all headers with same header name. To delete headers with different header names, multiple actions must be defined. title: |- Action to delete HTTP request header fields x-vmw-nsx-module: PolicyLoadBalancer LBHttpRequestHeaderRewriteAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: header_name: description: |- Name of HTTP request header. title: |- Name of HTTP request header type: string header_value: description: |- Value of HTTP request header. title: |- Value of HTTP request header type: string required: - header_value - header_name type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to rewrite header fields of matched HTTP request messages to specified new values. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables. title: |- Action to rewrite header fields of HTTP request messages x-vmw-nsx-module: PolicyLoadBalancer LBHttpRequestMethodCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: method: description: |- Type of HTTP request method enum: - GET - OPTIONS - POST - HEAD - PUT type: string required: - method type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match method of HTTP requests. If the method of an HTTP request is same as the method specified in this condition, the HTTP request match this condition. For example, if the method field is set to GET in this condition, any HTTP request with GET method matches the condition. title: |- Condition to match method of HTTP request messages x-vmw-nsx-module: PolicyLoadBalancer LBHttpRequestUriArgumentsCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: case_sensitive: default: true description: | If true, case is significant when comparing URI arguments. title: |- A case sensitive flag for URI arguments comparing type: boolean match_type: default: REGEX description: |- Match type of URI arguments enum: - STARTS_WITH - ENDS_WITH - EQUALS - CONTAINS - REGEX type: string uri_arguments: description: | URI arguments, aka query string of URI. title: |- URI arguments type: string required: - uri_arguments type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match URI arguments aka query string of Http request messages, for example, in URI http://exaple.com?foo=1&bar=2, the "foo=1&bar=2" is the query string containing URI arguments. In an URI scheme, query string is indicated by the first question mark ("?") character and terminated by a number sign ("#") character or by the end of the URI. The uri_arguments field can be specified as a regular expression(Set match_type to REGEX). For example, "foo=(?<x>\d+)". It matches HTTP requests whose URI arguments containing "foo", the value of foo contains only digits. And the value of foo is captured as $x which can be used in LBRuleAction fields which support variables. title: |- Condition to match URI arguments of HTTP requests x-vmw-nsx-module: PolicyLoadBalancer LBHttpRequestUriCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: case_sensitive: default: true description: | If true, case is significant when comparing URI. title: |- A case sensitive flag for URI comparing type: boolean match_type: default: REGEX description: |- Match type of URI enum: - STARTS_WITH - ENDS_WITH - EQUALS - CONTAINS - REGEX type: string uri: description: |- A string used to identify resource title: |- A string used to identify resource type: string required: - uri type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match URIs(Uniform Resource Identifier) of HTTP request messages. The URI field can be specified as a regular expression. If an HTTP request message is requesting an URI which matches specified regular expression, it matches the condition. The syntax of whole URI looks like this: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] This condition matches only the path part of entire URI. When match_type field is specified as REGEX, the uri field is used as a regular expression to match URI path of HTTP requests. For example, to match any URI that has "/image/" or "/images/", uri field can be specified as: "/image[s]?/". Named capturing groups can be used in the uri field to capture substrings of matched URIs and store them in variables for use in LBRuleAction. For example, specify uri field as: "/news/(?<year>\d+)/(?<month>\d+)/(?<article>.*)" If the URI path is /articles/news/2017/06/xyz.html, then substring "2017" is captured in variable year, "06" is captured in variable month, and "xyz.html" is captured in variable article. These variables can then be used in an LBRuleAction field which supports variables, such as uri field of LBHttpRequestUriRewriteAction. For example, set the uri field of LBHttpRequestUriRewriteAction as: "/articles/news/$year-$month-$article" Then the URI path /articles/news/2017/06/xyz.html is rewritten to: "/articles/news/2017-06-xyz.html" title: |- Condition to match URIs of HTTP request messages x-vmw-nsx-module: PolicyLoadBalancer LBHttpRequestUriRewriteAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: uri: description: |- URI of HTTP request. title: |- URI of HTTP request type: string uri_arguments: description: | Query string of URI, typically contains key value pairs, for example: foo1=bar1&foo2=bar2. title: |- URI arguments type: string required: - uri type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to rewrite URIs in matched HTTP request messages. Specify the uri and uri_arguments fields in this condition to rewrite the matched HTTP request message's URI and URI arguments to the new values. Full URI scheme of HTTP messages have following syntax: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] The uri field of this action is used to rewrite the /path part in above scheme. And the uri_arguments field is used to rewrite the query part. Captured variables and built-in variables can be used in the uri and uri_arguments fields. Check the example in LBRuleAction to see how to use variables in this action. title: |- Action to rewrite HTTP request URIs. x-vmw-nsx-module: PolicyLoadBalancer LBHttpRequestVersionCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: version: description: |- HTTP version enum: - HTTP_VERSION_1_0 - HTTP_VERSION_1_1 type: string required: - version type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match the HTTP protocol version of the HTTP request messages. title: |- Condition to match HTTP protocol version of HTTP requests x-vmw-nsx-module: PolicyLoadBalancer LBHttpResponseHeaderCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: case_sensitive: default: true description: | If true, case is significant when comparing HTTP header value. title: |- A case sensitive flag for HTTP header value comparing type: boolean header_name: description: |- Name of HTTP header field title: |- Name of HTTP header field type: string header_value: description: |- Value of HTTP header field title: |- Value of HTTP header field type: string match_type: default: REGEX description: |- Match type of HTTP header value enum: - STARTS_WITH - ENDS_WITH - EQUALS - CONTAINS - REGEX type: string required: - header_value - header_name type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match HTTP response messages from backend servers by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP responses. The header_name field does not support match types. title: |- Condition to match a header field of HTTP response x-vmw-nsx-module: PolicyLoadBalancer LBHttpResponseHeaderDeleteAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: header_name: description: |- Name of a header field of HTTP response message. title: |- Name of a header field of HTTP response message type: string required: - header_name type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to delete header fields of HTTP response messages at HTTP_RESPONSE_REWRITE phase. One action can be used to delete allgi headers with same header name. To delete headers with different header names, multiple actions must be defined. title: |- Action to delete HTTP response header fields x-vmw-nsx-module: PolicyLoadBalancer LBHttpResponseHeaderRewriteAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: header_name: description: |- Name of a header field of HTTP request message. title: |- Name of a header field of HTTP request message type: string header_value: description: |- Value of header field title: |- Value of header field type: string required: - header_value - header_name type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to rewrite header fields of HTTP response messages to specified new values at HTTP_RESPONSE_REWRITE phase. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables. title: |- Action to rewrite HTTP response header fields x-vmw-nsx-module: PolicyLoadBalancer LBHttpSslCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: client_certificate_issuer_dn: $ref: '#/definitions/LBClientCertificateIssuerDnCondition' client_certificate_subject_dn: $ref: '#/definitions/LBClientCertificateSubjectDnCondition' client_supported_ssl_ciphers: description: |- Cipher list which supported by client. items: description: |- SSL cipher enum: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA - TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 type: string title: |- Cipher list which supported by client type: array session_reused: default: IGNORE description: |- The type of SSL session reused. enum: - IGNORE - REUSED - NEW type: string used_protocol: description: |- Protocol of an established SSL connection. enum: - SSL_V2 - SSL_V3 - TLS_V1 - TLS_V1_1 - TLS_V1_2 type: string used_ssl_cipher: description: |- Cipher used for an established SSL connection. enum: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA - TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 type: string type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match SSL handshake and SSL connection at all phases.If multiple properties are configured, the rule is considered a match when all the configured properties are matched. title: |- Condition to match SSL handshake and SSL connection x-vmw-nsx-module: PolicyLoadBalancer LBHttpsMonitorProfile: allOf: - $ref: '#/definitions/LBActiveMonitor' - properties: request_body: description: | String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST. title: |- HTTP health check request body type: string request_headers: description: |- Array of HTTP request headers. items: $ref: '#/definitions/LbHttpRequestHeader' title: |- Array of HTTP request headers type: array request_method: default: GET description: |- The health check method for HTTP monitor type. enum: - GET - OPTIONS - POST - HEAD - PUT type: string request_url: default: / description: | For HTTPS active healthchecks, the HTTPS request url sent can be customized and can include query parameters. title: |- Customized HTTPS request url for active health checks type: string request_version: default: HTTP_VERSION_1_1 description: |- HTTP request version. enum: - HTTP_VERSION_1_0 - HTTP_VERSION_1_1 type: string response_body: description: | If HTTP response body match string (regular expressions not supported) is specified (using LBHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful. title: |- Response body to match type: string response_status_codes: description: | The HTTP response status code should be a valid HTTP status code. items: format: int32 type: integer maxItems: 64 title: |- Array of single HTTP response status codes type: array server_ssl_profile_binding: $ref: '#/definitions/LBServerSslProfileBinding' type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over HTTPS. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBHttpsMonitorProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- LBMonitorProfile for active health checks over HTTPS x-vmw-nsx-module: PolicyLoadBalancer LBIcmpMonitorProfile: allOf: - $ref: '#/definitions/LBActiveMonitor' - properties: data_length: default: 56 description: |- The data size (in byte) of the ICMP healthcheck packet format: int64 maximum: 65507 minimum: 0 title: |- The data size (in byte) of the ICMP healthcheck packet type: integer type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over ICMP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healt hchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBIcmpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- LBMonitorProfile for active health checks over ICMP x-vmw-nsx-module: PolicyLoadBalancer LBIpHeaderCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: group_path: description: | Source IP address of HTTP message should match IP addresses which are configured in Group in order to perform actions. title: |- Grouping object path type: string source_address: description: | Source IP address of HTTP message. IP Address can be expressed as a single IP address like 10.1.1.1, or a range of IP addresses like 10.1.1.101-10.1.1.160. Both IPv4 and IPv6 addresses are supported. format: address-or-block-or-range type: string type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match IP header fields of HTTP messages. Either source_address or group_id should be specified. title: |- Condition to match IP header fields x-vmw-nsx-module: PolicyLoadBalancer LBJwtAuthAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: key: $ref: '#/definitions/LBJwtKey' pass_jwt_to_pool: default: false description: | Specify whether to pass the JWT to backend server or remove it. By default, it is false which means will not pass the JWT to backend servers. title: |- Whether to pass the JWT to backend server or remove it type: boolean realm: description: | A description of the protected area. If no realm is specified, clients often display a formatted hostname instead. The configured realm is returned when client request is rejected with 401 http status. In the response, it will be "WWW-Authentication: Bearer realm=<realm>". title: |- JWT realm type: string tokens: description: | JWT is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Load balancer will search for every specified tokens one by one for the jwt message until found. This parameter is optional. In case not found or this field is not configured, load balancer searches the Bearer header by default in the http request "Authorization: Bearer <token>". items: type: string title: |- JWT tokens type: array type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to control access to backend server resources using JSON Web Token(JWT) authentication. The JWT authentication is done before any HTTP manipulation if the HTTP request matches the given condition in LBRule. Any verification failed, the HTTP process will be terminated, and HTTP response with 401 status code and WWW-Authentication header will be returned to client. title: |- Action to control access using JWT authentication x-vmw-nsx-module: PolicyLoadBalancer LBJwtCertificateKey: allOf: - $ref: '#/definitions/LBJwtKey' - properties: certificate_path: description: |- Certificate identifier title: |- Certificate identifier type: string required: - certificate_path type: object x-vmw-nsx-module: PolicyLoadBalancer description: | The key is used to specify certificate which is used to verify the signature of JWT tokens. title: |- Specifies certificate used to verify the signature of JWT tokens x-vmw-nsx-module: PolicyLoadBalancer LBJwtKey: description: | LBJwtKey specifies the symmetric key or asymmetric public key used to decrypt the data in JWT. discriminator: type properties: type: description: | The property is used to identify JWT key type. enum: - LBJwtCertificateKey - LBJwtSymmetricKey - LBJwtPublicKey type: string required: - type title: |- Load balancer JWT key type: object x-vmw-nsx-module: PolicyLoadBalancer LBJwtPublicKey: allOf: - $ref: '#/definitions/LBJwtKey' - properties: public_key_content: description: |- Content of public key title: |- Content of public key type: string required: - public_key_content type: object x-vmw-nsx-module: PolicyLoadBalancer description: | The key is used to specify the public key content which is used to verify the signature of JWT tokens. title: |- Specifies public key content used to verify the signature of JWT tokens x-vmw-nsx-module: PolicyLoadBalancer LBJwtSymmetricKey: allOf: - $ref: '#/definitions/LBJwtKey' - properties: {} type: object x-vmw-nsx-module: PolicyLoadBalancer description: | The key is used to specify the symmetric key which is used to verify the signature of JWT tokens. title: |- Specifies the symmetric key used to verify the signature of JWT tokens x-vmw-nsx-module: PolicyLoadBalancer LBMonitorProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: resource_type: description: | There are two types of healthchecks: active and passive. Passive healthchecks depend on failures in actual client traffic (e.g. RST from server in response to a client connection) to detect that the server or the application is down. In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP and ICMP protocols. enum: - LBTcpMonitorProfile - LBUdpMonitorProfile - LBIcmpMonitorProfile - LBHttpMonitorProfile - LBHttpsMonitorProfile - LBPassiveMonitorProfile type: string required: - resource_type type: object x-vmw-nsx-module: PolicyLoadBalancer description: | The object is deprecated as NSX-T Load Balancer is deprecated. x-vmw-nsx-module: PolicyLoadBalancer LBMonitorProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- LBMonitorProfile list results items: $ref: '#/definitions/LBMonitorProfile' title: |- LBMonitorProfile list results type: array required: - results type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Paged Collection of LBMonitorProfiles title: |- Paged Collection of LBMonitorProfiles x-vmw-nsx-module: PolicyLoadBalancer LBNodeCountPerSeverity: description: | The node count for specific load balancer usage severity. properties: node_count: description: | Node count for specific serverity. format: int64 readOnly: true title: |- Node count for specific serverity type: integer severity: description: | The severity calculation is based on current credit usage percentage of load balancer for one node. enum: - GREEN - ORANGE - RED readOnly: true type: string title: |- The node count for specific severity type: object x-vmw-nsx-module: PolicyLBStatistics LBNodeUsage: description: | Node usage for load balancer contains basic information and LB entity usages and capacity for the given node. Only edge node is supported. discriminator: resource_type properties: node_path: description: | The property identifies the node path for load balancer node usage. For example, node_path=/infra/sites/default/enforcement-points/default /edge-clusters/85175e0b-4d74-461d-83e1-f3b785adef9c/edge-nodes /86e077c0-449f-11e9-87c8-02004eb37029. title: |- The node path for load balancer node usage type: string resource_type: description: | The property identifies the load balancer node usage type. title: |- Type of load balancer node usage type: string required: - resource_type - node_path title: |- Node usage for load balancer type: object x-vmw-nsx-module: PolicyLBStatistics LBNodeUsageSummary: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - properties: current_load_balancer_credits: description: | Current load balancer credits in use for all nodes. For example, configuring a medium load balancer on a node consumes 10 credits. If there are 2 medium instances configured, the current load balancer credit number is 2 * 10 = 20. format: int64 readOnly: true title: |- Current load balancer credits type: integer current_pool_member_count: description: | The overall count of pool members configured on all nodes. format: int64 readOnly: true title: |- The current pool member count type: integer load_balancer_credit_capacity: description: | The load balancer credit capacity means the maximum credits which can be used for load balancer service configuration for all nodes. format: int64 readOnly: true title: |- Load balancer credit capacity type: integer node_counts: description: | The property identifies array of node count for each severity. items: $ref: '#/definitions/LBNodeCountPerSeverity' readOnly: true title: |- Array of node count for each severity type: array node_usages: description: | The property identifies all LB node usages. By default, it is not included in response. It exists when parameter ?include_usages=true. items: $ref: '#/definitions/LBNodeUsage' readOnly: true title: |- LB node usages type: array pool_member_capacity: description: | Pool member capacity means maximum number of pool members which can be configured on all nodes. format: int64 readOnly: true title: |- The overall pool member capacity type: integer severity: description: | The severity calculation is based on overall credit usage percentage of load balancer for all nodes. enum: - GREEN - ORANGE - RED readOnly: true type: string usage_percentage: description: | The overall usage percentage of all nodes for load balancer. The value is the larger value between overall pool member usage percentage and overall load balancer credit usage percentage. readOnly: true title: |- Usage percentage type: number type: object x-vmw-nsx-module: PolicyLBStatistics description: | The load balancer node usage summary for all nodes from specific enforcement point. Only edge node is supported. The summary contains all edge nodes which are configured in edge clusters. title: |- LB node usage summary for all nodes x-vmw-nsx-module: PolicyLBStatistics LBPassiveMonitorProfile: allOf: - $ref: '#/definitions/LBMonitorProfile' - properties: max_fails: default: 5 description: | When the consecutive failures reach this value, then the member is considered temporarily unavailable for a configurable period format: int64 maximum: 2147483647 minimum: 1 title: |- Number of consecutive connection failures type: integer timeout: default: 5 description: | After this timeout period, the member is tried again for a new connection to see if it is available. format: int64 maximum: 2147483647 minimum: 1 title: |- Timeout in seconds before it is selected again for a new connection type: integer type: object x-vmw-nsx-module: PolicyLoadBalancer description: | The passive type of LBMonitorProfile. LBPassiveMonitorProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- Base class for each type of active LBMonitorProfile x-vmw-nsx-module: PolicyLoadBalancer LBPersistenceCookieTime: allOf: - $ref: '#/definitions/LBCookieTime' - properties: cookie_max_idle: description: | HTTP cookie max-age to expire cookie, only available for insert mode. format: int64 maximum: 2147483647 minimum: 1 title: |- Persistence cookie max idle time in seconds type: integer required: - cookie_max_idle type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Persistence cookie time. title: |- Persistence cookie time x-vmw-nsx-module: PolicyLoadBalancer LBPersistenceProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: persistence_shared: default: false description: | Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled. Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first. When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions. title: |- Persistence shared across LBVirtualServers type: boolean resource_type: description: | The resource_type property identifies persistence profile type. LBCookiePersistenceProfile and LBGenericPersistenceProfile are deprecated as NSX-T Load Balancer is deprecated. enum: - LBSourceIpPersistenceProfile - LBCookiePersistenceProfile - LBGenericPersistenceProfile title: |- Persistence profile type type: string required: - resource_type type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBGenericPersistenceProfile cannot be attached to LBVirtualServer directly, it can be specified in LBVariablePersistenceOnAction or LBVariablePersistenceLearnAction in LBRule. If a user attaches a LBGenericPersistenceProfile directly to a virtual server, the operation is rejected. title: |- Contains the information related to load balancer persistence options x-vmw-nsx-module: PolicyLoadBalancer LBPersistenceProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- LBPersistenceProfile list results items: $ref: '#/definitions/LBPersistenceProfile' title: |- LBPersistenceProfile list results type: array required: - results type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Paged Collection of LBPersistenceProfiles title: |- Paged Collection of LBPersistenceProfiles x-vmw-nsx-module: PolicyLoadBalancer LBPool: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: active_monitor_paths: description: | In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the pool. If multiple active monitors are configured, the pool member status is UP only when the health check status for all the monitors are UP. The property is deprecated as NSX-T Load Balancer is deprecated. items: type: string title: |- Active monitor path list type: array x-deprecated: true algorithm: default: ROUND_ROBIN description: | Load Balancing algorithm chooses a server for each new connection by going through the list of servers in the pool. Currently, following load balancing algorithms are supported with ROUND_ROBIN as the default. ROUND_ROBIN means that a server is selected in a round-robin fashion. The weight would be ignored even if it is configured. WEIGHTED_ROUND_ROBIN means that a server is selected in a weighted round-robin fashion. Default weight of 1 is used if weight is not configured. LEAST_CONNECTION means that a server is selected when it has the least number of connections. The weight would be ignored even if it is configured. Slow start would be enabled by default. WEIGHTED_LEAST_CONNECTION means that a server is selected in a weighted least connection fashion. Default weight of 1 is used if weight is not configured. Slow start would be enabled by default. IP_HASH means that consistent hash is performed on the source IP address of the incoming connection. This ensures that the same client IP address will always reach the same server as long as no server goes down or up. It may be used on the Internet to provide a best-effort stickiness to clients which refuse session cookies. enum: - ROUND_ROBIN - WEIGHTED_ROUND_ROBIN - LEAST_CONNECTION - WEIGHTED_LEAST_CONNECTION - IP_HASH title: |- Load balancing algorithm type: string member_group: $ref: '#/definitions/LBPoolMemberGroup' members: description: | Server pool consists of one or more pool members. Each pool member is identified, typically, by an IP address and a port. items: $ref: '#/definitions/LBPoolMember' title: |- Load balancer pool members type: array min_active_members: default: 1 description: | A pool is considered active if there are at least certain minimum number of members. format: int64 maximum: 2147483647 minimum: 1 title: |- Minimum number of active pool members to consider pool as active type: integer passive_monitor_path: description: | Passive healthchecks are disabled by default and can be enabled by attaching a passive health monitor to a server pool. Each time a client connection to a pool member fails, its failed count is incremented. For pools bound to L7 virtual servers, a connection is considered to be failed and failed count is incremented if any TCP connection errors (e.g. TCP RST or failure to send data) or SSL handshake failures occur. For pools bound to L4 virtual servers, if no response is received to a TCP SYN sent to the pool member or if a TCP RST is received in response to a TCP SYN, then the pool member is considered to have failed and the failed count is incremented. The property is deprecated as NSX-T Load Balancer is deprecated. title: |- Passive monitor path type: string x-deprecated: true snat_translation: $ref: '#/definitions/LBSnatTranslation' tcp_multiplexing_enabled: default: false description: | TCP multiplexing allows the same TCP connection between load balancer and the backend server to be used for sending multiple client requests from different client TCP connections. The property is deprecated as NSX-T Load Balancer is deprecated. title: |- TCP multiplexing enable flag type: boolean x-deprecated: true tcp_multiplexing_number: default: 6 description: | The maximum number of TCP connections per pool that are idly kept alive for sending future client requests. The property is deprecated as NSX-T Load Balancer is deprecated. format: int64 maximum: 2147483647 minimum: 0 title: |- Maximum number of TCP connections for multiplexing type: integer x-deprecated: true type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Defining access of a Group from a LBVirtualServer and binding to LBMonitorProfile. title: |- Defining access a Group from a LBVirtualServer and binding to LBMonitorProfile x-vmw-nsx-module: PolicyLoadBalancer LBPoolListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- LBPool list results. items: $ref: '#/definitions/LBPool' title: |- LBPool list results type: array required: - results type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Paged Collection of LBPool. title: |- Paged Collection of LBPool x-vmw-nsx-module: PolicyLoadBalancer LBPoolMember: description: |- Pool member. properties: admin_state: default: ENABLED description: |- Member admin state. enum: - ENABLED - DISABLED - GRACEFUL_DISABLED type: string backup_member: default: false description: | Backup servers are typically configured with a sorry page indicating to the user that the application is currently unavailable. While the pool is active (a specified minimum number of pool members are active) BACKUP members are skipped during server selection. When the pool is inactive, incoming connections are sent to only the BACKUP member(s). title: |- Determine whether the pool member is for backup usage type: boolean display_name: description: |- Pool member name. title: |- Pool member name type: string ip_address: description: |- Pool member IP address. format: ip type: string max_concurrent_connections: description: | To ensure members are not overloaded, connections to a member can be capped by the load balancer. When a member reaches this limit, it is skipped during server selection. If it is not specified, it means that connections are unlimited. format: int64 maximum: 2147483647 minimum: 1 title: |- Maximum concurrent connection number type: integer port: description: | If port is specified, all connections will be sent to this port. Only single port is supported. If unset, the same port the client connected to will be used, it could be overrode by default_pool_member_port setting in virtual server. The port should not specified for port range case. format: port-or-range type: string weight: default: 1 description: | Pool member weight is used for WEIGHTED_ROUND_ROBIN balancing algorithm. The weight value would be ignored in other algorithms. format: int64 maximum: 256 minimum: 1 title: |- Pool member weight type: integer required: - ip_address title: |- Pool member type: object x-vmw-nsx-module: PolicyLoadBalancer LBPoolMemberGroup: description: |- Pool member group. properties: customized_members: description: | The list is used to show the customized pool member settings. User can only user pool member action API to update the admin state for a specific IP address. items: $ref: '#/definitions/PoolMemberSetting' readOnly: false title: |- List of customized pool member settings type: array group_path: description: | Load balancer pool support Group as dynamic pool members. The IP list of the Group would be used as pool member IP setting. title: |- Grouping object path type: string ip_revision_filter: default: IPV4 description: | Ip revision filter is used to filter IPv4 or IPv6 addresses from the grouping object. If the filter is not specified, both IPv4 and IPv6 addresses would be used as server IPs. The link local and loopback addresses would be always filtered out. enum: - IPV4 - IPV6 - IPV4_IPV6 title: |- Filter of ipv4 or ipv6 address of grouping object IP list type: string max_ip_list_size: description: | The size is used to define the maximum number of grouping object IP address list. These IP addresses would be used as pool members. If the grouping object includes more than certain number of IP addresses, the redundant parts would be ignored and those IP addresses would not be treated as pool members. If the size is not specified, one member is budgeted for this dynamic pool so that the pool has at least one member even if some other dynamic pools grow beyond the capacity of load balancer service. Other members are picked according to available dynamic capacity. The unused members would be set to DISABLED so that the load balancer system itself is not overloaded during runtime. format: int64 maximum: 2147483647 minimum: 0 title: |- Maximum number of grouping object IP address list type: integer port: description: | If port is specified, all connections will be sent to this port. If unset, the same port the client connected to will be used, it could be overridden by default_pool_member_ports setting in virtual server. The port should not specified for multiple ports case. format: int32 maximum: 65535 minimum: 1 title: |- Pool member port for all IP addresses of the grouping object type: integer required: - group_path title: |- Pool member group type: object x-vmw-nsx-module: PolicyLoadBalancer LBPoolMemberStatistics: properties: ip_address: description: |- Pool member IP address. format: ip readOnly: true type: string port: description: | The port is configured in pool member. For virtual server port range case, pool member port must be null. format: port-or-range readOnly: true type: string statistics: $ref: '#/definitions/LBStatisticsCounter' type: object x-vmw-nsx-module: PolicyLBStatistics LBPoolMemberStatus: properties: failure_cause: description: | If multiple active monitors are configured, the failure_cause contains failure cause for each monitors. Like "Monitor_1:failure_cause_1. Monitor_2:failure_cause_2." readOnly: true title: |- The healthcheck failure cause when status is DOWN type: string ip_address: description: |- Pool member IP address. format: ip readOnly: true type: string last_check_time: description: | If multiple active monitors are configured, the property value is the latest last_check_time among all the monitors. format: int64 readOnly: true type: integer last_state_change_time: description: | If multiple active monitors are configured, the property value is the latest last_state_change_time among all the monitors. format: int64 readOnly: true type: integer port: description: | The port is configured in pool member. For virtual server port range case, pool member port must be null. format: port-or-range readOnly: true type: string status: description: | UP means that pool member is enabled and monitors have marked the pool member as UP. If the pool member has no monitor configured, it would be treated as UP. DOWN means that pool member is enabled and monitors have marked the pool member as DOWN. DISABLED means that admin state of pool member is set to DISABLED. GRACEFUL_DISABLED means that admin state of pool member is set to GRACEFUL_DISABLED. UNUSED means that the pool member is not used when the IP list size of member group exceeds the maximum setting. The remaining IP addresses would not be used as available backend servers, hence mark the status as UNUSED. UNKNOWN means that the related pool is not associated to any enabled virtual servers, or no status reported from transport-nodes, the associated load balancer service may be working(or not working). enum: - UP - DOWN - DISABLED - GRACEFUL_DISABLED - UNUSED - UNKNOWN readOnly: true title: |- Pool member status type: string type: object x-vmw-nsx-module: PolicyLBStatistics LBPoolStatistics: allOf: - $ref: '#/definitions/LBPoolStatisticsPerEP' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated. format: int64 readOnly: true type: integer members: description: |- Statistics of load balancer pool members. items: $ref: '#/definitions/LBPoolMemberStatistics' readOnly: true title: |- Statistics of load balancer pool members type: array pool_path: description: |- Load balancer pool object path. readOnly: true title: |- Load balancer pool object path type: string statistics: $ref: '#/definitions/LBStatisticsCounter' type: object x-vmw-nsx-module: PolicyLBStatistics x-vmw-nsx-module: PolicyLBStatistics LBPoolStatisticsPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: type: string required: - resource_type type: object x-vmw-nsx-module: PolicyLBStatistics description: |- LBPoolStatistics on specific Enforcement Point title: |- LBPoolStatistics on specific Enforcement Point x-vmw-nsx-module: PolicyLBStatistics LBPoolStatus: allOf: - $ref: '#/definitions/LBPoolStatusPerEP' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated. format: int64 readOnly: true type: integer members: description: |- Status of load balancer pool members. items: $ref: '#/definitions/LBPoolMemberStatus' readOnly: true title: |- Status of load balancer pool members type: array pool_path: description: |- Load balancer pool object path. readOnly: true title: |- Load balancer pool object path type: string status: description: | UP means that all primary members are in UP status. PARTIALLY_UP means that some(not all) primary members are in UP status, the number of these active members is larger or equal to certain number(min_active_members) which is defined in LBPool. When there are no backup members which are in the UP status, the number(min_active_members) would be ignored. PRIMARY_DOWN means that less than certain(min_active_members) primary members are in UP status but backup members are in UP status, connections to this pool would be dispatched to backup members. DOWN means that all primary and backup members are DOWN. DETACHED means that the pool is not bound to any virtual server. UNKOWN means that no status reported from transport-nodes. The associated load balancer service may be working(or not working). enum: - UP - PARTIALLY_UP - PRIMARY_DOWN - DOWN - DETACHED - UNKNOWN readOnly: true title: |- Virtual server status type: string type: object x-vmw-nsx-module: PolicyLBStatistics x-vmw-nsx-module: PolicyLBStatistics LBPoolStatusPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: type: string required: - resource_type type: object x-vmw-nsx-module: PolicyLBStatistics description: |- LBPoolStatus on specific Enforcement Point title: |- LBPoolStatus on specific Enforcement Point x-vmw-nsx-module: PolicyLBStatistics LBRule: description: | Binding of a LBPool and Group to a LBVirtualServer used to route application traffic passing through load balancers. LBRule uses match conditions to match application traffic passing through a LBVirtualServer using HTTP or HTTPS. Can bind multiple LBVirtualServers to a Group. Each LBRule consists of two optional match conditions, each match contidion defines a criterion for application traffic. If no match conditions are specified, then the LBRule will always match and it is used typically to define default rules. If more than one match condition is specified, then matching strategy determines if all conditions should match or any one condition should match for the LBRule to be considered a match. A match indicates that the LBVirtualServer should route the request to the Group (parent of LBRule). LBRule is deprecated as NSX-T Load Balancer is deprecated. properties: actions: description: | A list of actions to be executed at specified phase when load balancer rule matches. The actions are used to manipulate application traffic, such as rewrite URI of HTTP messages, redirect HTTP messages, etc. items: $ref: '#/definitions/LBRuleAction' maxItems: 60 title: |- Actions to be executed type: array display_name: description: | A display name useful for identifying an LBRule. title: |- Display name for LBRule type: string match_conditions: description: | A list of match conditions used to match application traffic. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion to match application traffic. If no match conditions are specified, then the load balancer rule will always match and it is used typically to define default rules. If more than one match condition is specified, then match strategy determines if all conditions should match or any one condition should match for the load balancer rule to considered a match. items: $ref: '#/definitions/LBRuleCondition' maxItems: 60 title: |- Conditions to match application traffic type: array match_strategy: default: ANY description: | If more than one match condition is specified, then matching strategy determines if all conditions should match or any one condition should match for the LB Rule to be considered a match. - ALL indicates that both host_match and path_match must match for this LBRule to be considered a match. - ANY indicates that either host_match or patch match may match for this LBRule to be considered a match. enum: - ALL - ANY title: |- Match strategy for determining match of multiple conditions type: string phase: default: HTTP_FORWARDING description: | Each load balancer rule is used at a specific phase of load balancer processing. Currently five phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING, HTTP_RESPONSE_REWRITE, HTTP_ACCESS and TRANSPORT. When an HTTP request message is received by load balancer, all HTTP_REQUEST_REWRITE rules, if present are executed in the order they are applied to virtual server. And then if HTTP_FORWARDING rules present, only first matching rule's action is executed, remaining rules are not checked. HTTP_FORWARDING rules can have only one action. If the request is forwarded to a backend server and the response goes back to load balancer, all HTTP_RESPONSE_REWRITE rules, if present, are executed in the order they are applied to the virtual server. In HTTP_ACCESS phase, user can define action to control access using JWT authentication. In TRANSPORT phase, user can define the condition to match SNI in TLS client hello and define the action to do SSL end-to-end, SSL offloading or SSL passthrough using a specific load balancer server pool. enum: - HTTP_REQUEST_REWRITE - HTTP_FORWARDING - HTTP_RESPONSE_REWRITE - HTTP_ACCESS - TRANSPORT title: |- Load balancer processing phase type: string required: - actions title: |- Binding of a LBPool and Group to a LBVirtualServer type: object x-vmw-nsx-module: PolicyLoadBalancer LBRuleAction: description: | Load balancer rule actions are used to manipulate application traffic. Currently load balancer rules can be used at three load balancer processing phases. Each phase has its own supported type of actions. Supported actions in HTTP_REQUST_REWRITE phase are: LBHttpRequestUriRewriteAction LBHttpRequestHeaderRewriteAction LBHttpRequestHeaderDeleteAction LBVariableAssignmentAction Supported actions in HTTP_FORWARDING phase are: LBHttpRejectAction LBHttpRedirectAction LBSelectPoolAction LBVariablePersistenceOnAction LBConnectionDropAction Supported action in HTTP_RESPONSE_REWRITE phase is: LBHttpResponseHeaderRewriteAction LBHttpResponseHeaderDeleteAction LBVariablePersistenceLearnAction Supported action in HTTP_ACCESS phase is: LBJwtAuthAction LBConnectionDropAction LBVariableAssignmentAction Supported action in TRANSPORT phase is: LBSslModeSelectionAction LBSelectPoolAction If the match type of an LBRuleCondition field is specified as REGEX and named capturing groups are used in the specified regular expression. The groups can be used as variables in LBRuleAction fields. For example, define a rule with LBHttpRequestUriCondition as match condition and LBHttpRequestUriRewriteAction as action. Set match_type field of LBHttpRequestUriCondition to REGEX, and set uri field to "/news/(?<year>\d+)/(?<month>\d+)/(?<article>.*)". Set uri field of LBHttpRequestUriRewriteAction to: "/news/$year-$month/$article" In uri field of LBHttpRequestUriCondition, the (?<year>\d+), (?<month>\d+) and (?<article>.*) are named capturing groups, they define variables named $year, $month and $article respectively. The defined variables are used in LBHttpRequestUriRewriteAction. For a matched HTTP request with URI "/news/2017/06/xyz.html", the substring "2017" is captured in variable $year, "06" is captured in variable $month, and "xyz.html" is captured in variable $article. The LBHttpRequestUriRewriteAction will rewrite the URI to: "/news/2017-06/xyz.html" A set of built-in variables can be used in LBRuleAction as well. The name of built-in variables start with underscore, the name of user defined variables is not allowed to start with underscore. Following are some of the built-in variables: $_scheme: Reference the scheme part of matched HTTP messages, could be "http" or "https". $_host: Host of matched HTTP messages, for example "www.example.com". $_server_port: Port part of URI, it is also the port of the server which accepted a request. Default port is 80 for http and 443 for https. $_uri: The URI path, for example "/products/sample.html". $_request_uri: Full original request URI with arguments, for example, "/products/sample.html?a=b&c=d". $_args: URI arguments, for instance "a=b&c=d" $_is_args: "?" if a request has URI arguments, or an empty string otherwise. For the full list of built-in variables, please reference the NSX-T Administrator's Guide. discriminator: type properties: type: description: | The property identifies the load balancer rule action type. enum: - LBSelectPoolAction - LBHttpRequestUriRewriteAction - LBHttpRequestHeaderRewriteAction - LBHttpRejectAction - LBHttpRedirectAction - LBHttpResponseHeaderRewriteAction - LBHttpRequestHeaderDeleteAction - LBHttpResponseHeaderDeleteAction - LBVariableAssignmentAction - LBVariablePersistenceOnAction - LBVariablePersistenceLearnAction - LBJwtAuthAction - LBSslModeSelectionAction - LBConnectionDropAction type: string required: - type title: |- Load balancer rule action type: object x-vmw-nsx-module: PolicyLoadBalancer LBRuleCondition: description: | Match conditions are used to match application traffic passing through load balancers. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion for application traffic. If inverse field is set to true, the match result of the condition is inverted. If more than one match condition is specified, match strategy determines if all conditions should match or any one condition should match for the load balancer rule to be considered a match. Currently only HTTP messages are supported by load balancer rules. Each load balancer rule is used at a specific phase of load balancer processing. Currently three phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING and HTTP_RESPONSE_REWRITE. Each phase supports certain types of match conditions, supported match conditions in HTTP_REQUEST_REWRITE phase are: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match conditions in HTTP_FORWARDING phase are: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition LBSslSniCondition Supported match conditions in HTTP_RESPONSE_REWRITE phase are: LBHttpResponseHeaderCondition LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match condition in HTTP_ACCESS phase is: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match condition in TRANSPORT phase is: LBSslSniCondition discriminator: type properties: inverse: default: false description: |- A flag to indicate whether reverse the match result of this condition title: |- A flag to indicate whether reverse the match result of this condition type: boolean type: description: |- Type of load balancer rule condition enum: - LBHttpRequestUriCondition - LBHttpRequestHeaderCondition - LBHttpRequestMethodCondition - LBHttpRequestUriArgumentsCondition - LBHttpRequestVersionCondition - LBHttpRequestCookieCondition - LBHttpRequestBodyCondition - LBHttpResponseHeaderCondition - LBTcpHeaderCondition - LBIpHeaderCondition - LBVariableCondition - LBHttpSslCondition - LBSslSniCondition type: string required: - type title: |- Match condition of load balancer rule type: object x-vmw-nsx-module: PolicyLoadBalancer LBSelectPoolAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: pool_id: description: |- Path of load balancer pool. title: |- Path of load balancer pool type: string required: - pool_id type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to select a pool for matched HTTP request messages. The pool is specified by path. The matched HTTP request messages are forwarded to the specified pool. title: |- Action to select a pool for HTTP request messages x-vmw-nsx-module: PolicyLoadBalancer LBServerSslProfile: allOf: - $ref: '#/definitions/LBSslProfile' - properties: cipher_group_label: description: | It is a label of cipher group which is mostly consumed by GUI. enum: - BALANCED - HIGH_SECURITY - HIGH_COMPATIBILITY - CUSTOM type: string ciphers: description: |- Supported SSL cipher list to client side. items: description: |- SSL cipher enum: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA - TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 type: string title: |- Supported SSL cipher list to client side type: array is_fips: description: | This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant. readOnly: true title: |- FIPS compliance of ciphers and protocols type: boolean is_secure: description: | This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure. readOnly: true title: |- Secure/Insecure SSL profile flag type: boolean protocols: description: | SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default. items: description: |- SSL protocol enum: - SSL_V2 - SSL_V3 - TLS_V1 - TLS_V1_1 - TLS_V1_2 type: string title: |- Supported SSL protocol list to client side type: array session_cache_enabled: default: true description: | SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake. title: |- Session cache enable/disable falg type: boolean type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Server SSL profile. LBServerSslProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- Server SSL profile x-vmw-nsx-module: PolicyLoadBalancer LBServerSslProfileBinding: description: | Server SSL profile binding. LBServerSslProfileBinding is deprecated as NSX-T Load Balancer is deprecated. properties: certificate_chain_depth: default: 3 description: | Authentication depth is used to set the verification depth in the server certificates chain. format: int64 maximum: 2147483647 minimum: 1 title: |- The maximum traversal depth of server certificate chain type: integer client_certificate_path: description: | To support client authentication (load balancer acting as a client authenticating to the backend server), client certificate can be specified in the server-side SSL profile binding title: |- Client certificate path type: string server_auth: default: AUTO_APPLY description: |- Server authentication mode. enum: - REQUIRED - IGNORE - AUTO_APPLY type: string server_auth_ca_paths: description: | If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified. items: type: string title: |- CA path list to verify server certificate type: array server_auth_crl_paths: description: | A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates. items: type: string title: |- CRL path list to verify server certificate type: array ssl_profile_path: description: | Server SSL profile defines reusable, application-independent server side SSL properties. title: |- Server SSL profile path type: string title: |- Server SSL profile binding type: object x-vmw-nsx-module: PolicyLoadBalancer LBServerSslProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paginated list of load balancer server SSL profiles items: $ref: '#/definitions/LBServerSslProfile' title: |- Paginated list of load balancer server SSL profiles type: array required: - results type: object x-vmw-nsx-module: PolicyLoadBalancer x-vmw-nsx-module: PolicyLoadBalancer LBService: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: access_log_enabled: description: |- Flag to enable access log title: |- Flag to enable access log type: boolean x-deprecated: true connectivity_path: description: | LBS could be instantiated (or created) on the Tier-1, etc. For now, only the Tier-1 object is supported. title: |- The connectivity target used to instantiate the LBService type: string enabled: default: true description: |- Flag to enable the load balancer service. title: |- Flag to enable the load balancer service type: boolean error_log_level: default: INFO description: | Load balancer engine writes information about encountered issues of different severity levels to the error log. This setting is used to define the severity level of the error log. enum: - DEBUG - INFO - WARNING - ERROR - CRITICAL - ALERT - EMERGENCY type: string relax_scale_validation: default: false description: | If relax_scale_validation is true, the scale validations for virtual servers/pools/pool members/rules are relaxed for load balancer service. When load balancer service is deployed on edge nodes, the scale of virtual servers/pools/pool members for the load balancer service should not exceed the scale number of the largest load balancer size which could be configured on a certain edge form factor. For example, the largest load balancer size supported on a MEDIUM edge node is MEDIUM. So one SMALL load balancer deployed on MEDIUM edge nodes can support the scale number of MEDIUM load balancer. It is not recommended to enable active monitors if relax_scale_validation is true due to performance consideration. If relax_scale_validation is false, scale numbers should be validated for load balancer service. The property is deprecated as NSX-T Load Balancer is deprecated. title: |- Whether scale validation is relaxed type: boolean x-deprecated: true size: default: SMALL description: | Load balancer service size. The load balancer service sizes, SMALL, MEDIUM, LARGE and XLARGE are all deprecated. Customers who are using this set of features are advised to migrate to NSX Advanced Load Balancer (Avi) which provides a superset of the NSX-T load balancing functionality. enum: - SMALL - MEDIUM - LARGE - XLARGE - DLB type: string type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Loadbalancer Service. title: |- Loadbalancer Service x-vmw-nsx-module: PolicyLoadBalancer LBServiceCountPerSeverity: description: | The service count for specific load balancer usage severity. properties: service_count: description: | Service count for specific serverity. format: int64 readOnly: true title: |- Service count for specific serverity type: integer severity: description: | The severity calculation is based on current usage percentage for one load balancer service. enum: - GREEN - ORANGE - RED readOnly: true type: string title: |- The service count for specific severity type: object x-vmw-nsx-module: PolicyLBStatistics LBServiceInstanceDetail: properties: attachment_display_name: description: | The display name of the resource which the load balancer instance deploys on. title: |- The display name of load balancer instance attachment type: string attachment_path: description: | The path of the resource which the load balancer instance deploys on. title: |- The path of load balancer instance attachment type: string error_message: description: | The error message for the load balancer instance. If the instance status is NOT_READY, error message will be attached. title: |- The error message for this instance type: string type: object x-vmw-nsx-module: PolicyLBStatistics LBServiceInstanceDetailPerStatus: properties: instance_details: description: | The detailed information of the load balancer instance. This field will be only returned on realtime status API. items: $ref: '#/definitions/LBServiceInstanceDetail' title: |- The detail information of load balancer instance type: array instance_number: description: | It means the total number of instances in this status type for the given transport node. format: int64 title: |- The number of instances in this status type type: integer status: description: | The type of load balancer instance status. enum: - READY - CONFLICT - NOT_READY type: string type: object x-vmw-nsx-module: PolicyLBStatistics LBServiceInstanceDetailPerTransportNode: properties: instance_detail_per_status: description: | Load balancer instances details for each load balancer instance status type from the given transport node. items: $ref: '#/definitions/LBServiceInstanceDetailPerStatus' title: |- Load balancer instances details for each status type: array transport_node_id: description: | The UUID of the transport node. title: |- The UUID of the transport node type: string type: object x-vmw-nsx-module: PolicyLBStatistics LBServiceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- LBService list results items: $ref: '#/definitions/LBService' title: |- LBService list results type: array required: - results type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Paged Collection of LBServices title: |- Paged Collection of LBServices x-vmw-nsx-module: PolicyLoadBalancer LBServiceStatistics: allOf: - $ref: '#/definitions/LBServiceStatisticsPerEP' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated. format: int64 readOnly: true type: integer pools: description: |- Statistics of load balancer pools items: $ref: '#/definitions/LBPoolStatistics' readOnly: true title: |- Statistics of load balancer pools type: array service_path: description: |- load balancer service identifier. readOnly: true title: |- load balancer service identifier type: string statistics: $ref: '#/definitions/LBServiceStatisticsCounter' virtual_servers: description: |- Statistics of load balancer virtual servers. items: $ref: '#/definitions/LBVirtualServerStatistics' readOnly: true title: |- Statistics of load balancer virtual servers type: array type: object x-vmw-nsx-module: PolicyLBStatistics x-vmw-nsx-module: PolicyLBStatistics LBServiceStatisticsCounter: properties: l4_current_session_rate: description: | The average number of l4 current sessions per second, the number is averaged over the last 5 one-second intervals. readOnly: true title: |- average number of l4 current sessions per second type: number l4_current_sessions: description: |- Number of l4 current sessions. format: int64 readOnly: true title: |- Number of l4 current sessions type: integer l4_max_sessions: description: | L4 max sessions is used to show the peak L4 max session data since load balancer starts to provide service. format: int64 readOnly: true title: |- Number of l4 maximum sessions type: integer l4_total_sessions: description: |- Number of l4 total sessions. format: int64 readOnly: true title: |- Number of l4 total sessions type: integer l7_current_session_rate: description: | The average number of l7 current requests per second, the number is averaged over the last 5 one-second intervals. readOnly: true title: |- averabe number of l7 current requests per second type: number l7_current_sessions: description: |- Number of l7 current sessions. format: int64 readOnly: true title: |- Number of l7 current sessions type: integer l7_max_sessions: description: | L7 max sessions is used to show the peak L7 max session data since load balancer starts to provide service. format: int64 readOnly: true title: |- Number of l7 maximum sessions type: integer l7_total_sessions: description: |- Number of l7 total sessions. format: int64 readOnly: true title: |- Number of l7 total sessions type: integer type: object x-vmw-nsx-module: PolicyLBStatistics LBServiceStatisticsPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: type: string required: - resource_type type: object x-vmw-nsx-module: PolicyLBStatistics description: |- LBServiceStatistics on specific Enforcement Point title: |- LBServiceStatistics on specific Enforcement Point x-vmw-nsx-module: PolicyLBStatistics LBServiceStatus: allOf: - $ref: '#/definitions/LBServiceStatusPerEP' - properties: active_transport_nodes: description: |- Ids of load balancer service related active transport nodes. items: type: string readOnly: true title: |- Ids of load balancer service related active transport nodes type: array cpu_usage: description: |- Cpu usage in percentage. format: int64 readOnly: true title: |- Cpu usage in percentage type: integer error_message: description: |- Error message, if available. readOnly: true title: |- Error message, if available type: string instance_detail_per_tn: description: | Details of load balancer service instance per transport node. items: $ref: '#/definitions/LBServiceInstanceDetailPerTransportNode' title: |- Details of load balancer service instance per transport node type: array last_update_timestamp: description: |- Timestamp when the data was last updated. format: int64 readOnly: true type: integer memory_usage: description: |- Memory usage in percentage. format: int64 readOnly: true title: |- Memory usage in percentage type: integer pools: description: |- status of load balancer pools. items: $ref: '#/definitions/LBPoolStatus' readOnly: true title: |- status of load balancer pools type: array service_path: description: |- Load balancer service object path. readOnly: true title: |- Load balancer service object path type: string service_status: description: | UP means the load balancer service is working fine on both transport-nodes(if have); PARTIALLY_UP means that some DLB instances on transport node are working successfully and some instances are not working successfully; DOWN means the load balancer service is down on both transport-nodes (if have), hence the load balancer will not respond to any requests; ERROR means error happens on transport-node(s) or no status is reported from transport-node(s). The load balancer service may be working (or not working); NO_STANDBY means load balancer service is working in one of the transport node while not in the other transport-node (if have). Hence if the load balancer service in the working transport-node goes down, the load balancer service will go down; DETACHED means that the load balancer service has no attachment setting and is not instantiated in any transport nodes; DISABLED means that admin state of load balancer service is DISABLED; UNKNOWN means that no status reported from transport-nodes.The load balancer service may be working(or not working). enum: - UP - PARTIALLY_UP - DOWN - ERROR - NO_STANDBY - DETACHED - DISABLED - UNKNOWN readOnly: true title: |- Status of load balancer service type: string standby_transport_nodes: description: |- Ids of load balancer service related standby transport nodes. items: type: string readOnly: true title: |- Ids of load balancer service related standby transport nodes type: array virtual_servers: description: |- status of load balancer virtual servers. items: $ref: '#/definitions/LBVirtualServerStatus' readOnly: true title: |- status of load balancer virtual servers type: array type: object x-vmw-nsx-module: PolicyLBStatistics x-vmw-nsx-module: PolicyLBStatistics LBServiceStatusPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: type: string required: - resource_type type: object x-vmw-nsx-module: PolicyLBStatistics description: |- LBServiceStatus on specific Enforcement Point title: |- LBServiceStatus on specific Enforcement Point x-vmw-nsx-module: PolicyLBStatistics LBServiceUsage: allOf: - $ref: '#/definitions/LBServiceUsagePerEP' - properties: current_pool_count: description: | The current number of pools which has been configured in the given load balancer service. format: int64 readOnly: true title: |- The current number of pools type: integer current_pool_member_count: description: | The current number of pool members which has been configured in the given load balancer service. format: int64 readOnly: true title: |- The current number of pool members type: integer current_virtual_server_count: description: | The current number of virtual servers which has been configured in the given load balancer service. format: int64 readOnly: true title: |- The current number of virtual servers type: integer last_update_timestamp: description: |- Timestamp when the data was last updated. format: int64 type: integer pool_capacity: description: | Pool capacity means maximum number of pools which could be configured in the given load balancer service. format: int64 readOnly: true title: |- The capacity of pools type: integer pool_member_capacity: description: | Pool member capacity means maximum number of pool members which could be configured in the given load balancer service. format: int64 readOnly: true title: |- The capacity of pool members type: integer service_path: description: |- LBService object path. readOnly: true title: |- LBService object path type: string service_size: description: |- The size of load balancer service. enum: - SMALL - MEDIUM - LARGE - XLARGE - DLB readOnly: true type: string severity: description: | The severity calculation is based on the largest usage percentage from virtual servers, pools and pool members for one load balancer service. enum: - GREEN - ORANGE - RED readOnly: true type: string usage_percentage: description: | The usage percentage is the largest usage percentage from virtual servers, pools and pool members for the load balancer service. If the property relax_scale_validation is set as true for LBService, it is possible that the value is larger than 100.0. For example, if SMALL LBS is deployed on MEDIUM edge node and configured with MEDIUM LBS virtual server scale number, LBS usage percentage is shown larger than 100.0. readOnly: true title: |- Usage percentage type: number virtual_server_capacity: description: | Virtual server capacity means maximum number of virtual servers which could be configured in the given load balancer service. format: int64 readOnly: true title: |- The capacity of virtual servers type: integer type: object x-vmw-nsx-module: PolicyLBStatistics description: | Describes the capacity and current usage of virtual servers, pools and pool members for the given load balancer service. title: |- The usage information of the load balancer service x-vmw-nsx-module: PolicyLBStatistics LBServiceUsagePerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: type: string required: - resource_type type: object x-vmw-nsx-module: PolicyLBStatistics description: |- LBServiceUsage on specific Enforcement Point title: |- LBServiceUsage on specific Enforcement Point x-vmw-nsx-module: PolicyLBStatistics LBServiceUsageSummary: description: | Describes usage summary of virtual servers, pools and pool members for all load balancer services. properties: current_pool_count: description: | The current count of pools configured for all load balancer services. format: int64 readOnly: true title: |- The current pool count type: integer current_pool_member_count: description: | The current count of pool members configured for all load balancer services. format: int64 readOnly: true title: |- The current pool member count type: integer current_virtual_server_count: description: | The current count of virtual servers configured for all load balancer services. format: int64 readOnly: true title: |- The current virtual server count type: integer pool_capacity: description: | Pool capacity means maximum number of pools which can be configured for all load balancer services. format: int64 readOnly: true title: |- The capacity of pools type: integer pool_member_capacity: description: | Pool capacity means maximum number of pool members which can be configured for all load balancer services. format: int64 readOnly: true title: |- The capacity of pool members type: integer pool_member_severity: description: | The severity calculation is based on the overall usage percentage of pool members for all load balancer services. enum: - GREEN - ORANGE - RED readOnly: true type: string pool_member_usage_percentage: description: | Overall pool member usage percentage for all load balancer services. readOnly: true title: |- Pool member usage percentage type: number pool_severity: description: | The severity calculation is based on the overall usage percentage of pools for all load balancer services. enum: - GREEN - ORANGE - RED readOnly: true type: string pool_usage_percentage: description: | Overall pool usage percentage for all load balancer services. readOnly: true title: |- Pool usage percentage type: number service_counts: description: | The service count for each load balancer usage severity. items: $ref: '#/definitions/LBServiceCountPerSeverity' readOnly: true title: |- LB service count for each severity type: array service_usages: description: | The property identifies all lb service usages. By default, it is not included in response. It exists when parameter ?include_usages=true. items: $ref: '#/definitions/LBServiceUsage' readOnly: true title: |- LB service usages type: array virtual_server_capacity: description: | Virtual server capacity means maximum number of virtual servers which can be configured for all load balancer services. format: int64 readOnly: true title: |- The capacity of virtual servers type: integer virtual_server_severity: description: | The severity calculation is based on the overall usage percentage of virtual servers for all load balancer services. enum: - GREEN - ORANGE - RED readOnly: true type: string virtual_server_usage_percentage: description: | Overall virtual server usage percentage for all load balancer services. readOnly: true title: |- Virtual server usage percentage type: number title: |- The usage summary for all load balancer services type: object x-vmw-nsx-module: PolicyLBStatistics LBSessionCookieTime: allOf: - $ref: '#/definitions/LBCookieTime' - properties: cookie_max_idle: description: | Instead of using HTTP Cookie max-age and relying on client to expire the cookie, max idle time and/or max lifetime of the cookie can be used. Max idle time, if configured, specifies the maximum interval the cookie is valid for from the last time it was seen in a request. It is available for insert mode. format: int64 maximum: 2147483647 minimum: 1 title: |- Session cookie max idle time in seconds type: integer cookie_max_life: description: | Max life time, if configured, specifies the maximum interval the cookie is valid for from the first time the cookie was seen in a request. It is available for insert mode. format: int64 maximum: 2147483647 minimum: 1 title: |- Session cookie max lifetime in seconds type: integer type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Session cookie time. title: |- Session cookie time x-vmw-nsx-module: PolicyLoadBalancer LBSnatAutoMap: allOf: - $ref: '#/definitions/LBSnatTranslation' - type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Snat auto map. title: |- Snat auto map x-vmw-nsx-module: PolicyLoadBalancer LBSnatDisabled: allOf: - $ref: '#/definitions/LBSnatTranslation' - type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Snat disabled. title: |- Snat disabled x-vmw-nsx-module: PolicyLoadBalancer LBSnatIpElement: description: |- Snat Ip element. properties: ip_address: description: |- Ip address or ip range such as 1.1.1.1 or 1.1.1.101-1.1.1.160. format: address-or-block-or-range type: string prefix_length: description: | Subnet prefix length should be not specified if there is only one single IP address or IP range. format: int64 title: |- Subnet prefix length type: integer required: - ip_address title: |- Snat Ip element type: object x-vmw-nsx-module: PolicyLoadBalancer LBSnatIpPool: allOf: - $ref: '#/definitions/LBSnatTranslation' - properties: ip_addresses: description: | If an IP range is specified, the range may contain no more than 64 IP addresses. items: $ref: '#/definitions/LBSnatIpElement' maxItems: 64 title: |- List of Ip address or ip range type: array required: - ip_addresses type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Snat Ip pool. title: |- Snat Ip pool x-vmw-nsx-module: PolicyLoadBalancer LBSnatTranslation: description: |- Snat Translation. discriminator: type properties: type: description: |- Snat translation type. enum: - LBSnatAutoMap - LBSnatIpPool - LBSnatDisabled type: string required: - type title: |- Snat Translation type: object x-vmw-nsx-module: PolicyLoadBalancer LBSourceIpPersistenceProfile: allOf: - $ref: '#/definitions/LBPersistenceProfile' - properties: ha_persistence_mirroring_enabled: default: false description: | Persistence entries are not synchronized to the HA peer by default. The property is deprecated as NSX-T Load Balancer is deprecated. title: |- Mirroring enabled flag to synchronize persistence entries type: boolean x-deprecated: true purge: default: FULL description: |- Persistence purge setting. enum: - NO_PURGE - FULL type: string timeout: default: 300 description: | When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time. format: int64 maximum: 2147483647 minimum: 1 title: |- Persistence entry expiration time in seconds type: integer type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. title: |- LBPersistenceProflie using SourceIP x-vmw-nsx-module: PolicyLoadBalancer LBSslModeSelectionAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: ssl_mode: description: | SSL Passthrough: LB establishes a TCP connection with client and another connection with selected backend server. LB won't inspect the stream data between client and backend server, but just pass it through. Backend server exchanges SSL connection with client. SSL Offloading: LB terminiates the connections from client, and establishes SSL connection with it. After receiving the HTTP request, LB connects the selected backend server and talk with it via HTTP without SSL. LB estalishes new connection to selected backend server for each HTTP request, in case server_keep_alive or multiplexing are NOT configured. SSL End-to-End: LB terminiates the connections from client, and establishes SSL connection with it. After receiving the HTTP request, LB connects the selected backend server and talk with it via HTTPS. LB estalishes new SSL connection to selected backend server for each HTTP request, in case server_keep_alive or multiplexing are NOT configured. enum: - SSL_PASSTHROUGH - SSL_END_TO_END - SSL_OFFLOAD title: |- Type of SSL mode type: string required: - ssl_mode type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to select SSL mode. Three types of SSL mode actions can be specified in Transport phase, ssl passthrough, ssl offloading and ssl end-to-end. title: |- Action to select SSL mode x-vmw-nsx-module: PolicyLoadBalancer LBSslProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Load balancer abstract SSL profile. title: |- Load balancer abstract SSL profile x-vmw-nsx-module: PolicyLoadBalancer LBSslSniCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: case_sensitive: default: true description: | If true, case is significant when comparing SNI value. title: |- A case sensitive flag for SNI comparing type: boolean match_type: default: REGEX description: |- Match type of SNI enum: - STARTS_WITH - ENDS_WITH - EQUALS - CONTAINS - REGEX type: string sni: description: | The SNI(Server Name indication) in client hello message. title: |- The server name indication type: string required: - sni type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match SSL SNI in client hello. This condition is only supported in TRANSPORT phase and HTTP_FORWARDING. title: |- Condition to match SSL SNI in client hello x-vmw-nsx-module: PolicyLoadBalancer LBStatisticsCounter: properties: bytes_in: description: |- Number of bytes in. format: int64 readOnly: true title: |- Number of bytes in type: integer bytes_in_rate: description: | The average number of inbound bytes per second, the number is averaged over the last 5 one-second intervals. readOnly: true title: |- average number of inbound bytes per second type: number bytes_out: description: |- Number of bytes out. format: int64 readOnly: true title: |- Number of bytes out type: integer bytes_out_rate: description: | The average number of outbound bytes per second, the number is averaged over the last 5 one-second intervals. readOnly: true title: |- average number of outbound bytes per second type: number current_session_rate: description: | The average number of current sessions per second, the number is averaged over the last 5 one-second intervals. readOnly: true title: |- average number of current sessions per second type: number current_sessions: description: |- Number of current sessions. format: int64 readOnly: true title: |- Number of current sessions type: integer dropped_packets_by_access_list: description: | The total number of dropped TCP SYN or UDP packets by access list control. format: int64 title: |- The total number of dropped packets by access list control type: integer dropped_sessions_by_lbrule_action: description: | The total number of dropped sessions by LB rule action. format: int64 title: |- The total number of dropped sessions by LB rule action type: integer http_request_rate: description: | The average number of http requests per second, the number is averaged over the last 5 one-second intervals. readOnly: true title: |- averabe number of http requests per second type: number http_requests: description: |- The total number of http requests. format: int64 readOnly: true title: |- The total number of http requests. type: integer max_sessions: description: |- Number of maximum sessions. format: int64 readOnly: true title: |- Number of maximum sessions type: integer packets_in: description: |- Number of packets in. format: int64 readOnly: true title: |- Number of packets in type: integer packets_in_rate: description: | The average number of inbound packets per second, the number is averaged over the last 5 one-second intervals. readOnly: true title: |- average number of inbound packets per second type: number packets_out: description: |- Number of packets out. format: int64 readOnly: true title: |- Number of packets out type: integer packets_out_rate: description: | The average number of outbound packets per second, the number is averaged over the last 5 one-second intervals. readOnly: true title: |- average number of outbound packets per second type: number source_ip_persistence_entry_size: description: |- Number of source IP persistence entries format: int64 readOnly: true title: |- Number of source IP persistence entries type: integer total_sessions: description: |- Number of total sessions. format: int64 readOnly: true title: |- Number of total sessions type: integer type: object x-vmw-nsx-module: PolicyLBStatistics LBTcpHeaderCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: source_port: description: |- TCP source port of HTTP message format: port-or-range type: string required: - source_port type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match TCP header fields of HTTP messages. Currently, only the TCP source port is supported. Ports can be expressed as a single port number like 80, or a port range like 1024-1030. title: |- Condition to match TCP header fields x-vmw-nsx-module: PolicyLoadBalancer LBTcpMonitorProfile: allOf: - $ref: '#/definitions/LBActiveMonitor' - properties: receive: description: | Expected data, if specified, can be anywhere in the response and it has to be a string, regular expressions are not supported. title: |- Expected data received from server type: string send: description: | If both send and receive are not specified, then just a TCP connection is established (3-way handshake) to validate server is healthy, no data is sent. title: |- Data to send type: string type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over TCP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBTcpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- LBMonitorProfile for active health checks over TCP x-vmw-nsx-module: PolicyLoadBalancer LBUdpMonitorProfile: allOf: - $ref: '#/definitions/LBActiveMonitor' - properties: receive: description: | Expected data, can be anywhere in the response and it has to be a string, regular expressions are not supported. UDP healthcheck is considered failed if there is no server response within the timeout period. title: |- Expected data received from server type: string send: description: | The data to be sent to the monitored server. title: |- Data to send type: string required: - receive - send type: object x-vmw-nsx-module: PolicyLoadBalancer description: | Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over UDP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBUdpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated. title: |- LBMonitorProfile for active health checks over UDP x-vmw-nsx-module: PolicyLoadBalancer LBVariableAssignmentAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: variable_name: description: |- Name of the variable to be assigned. title: |- Name of the variable to be assigned type: string variable_value: description: |- Value of variable. title: |- Value of variable type: string required: - variable_value - variable_name type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is used to create a new variable and assign value to it. One action can be used to create one variable. To create multiple variables, multiple actions must be defined. The variables can be used by LBVariableCondition, etc. title: |- Action to create variable and assign value to it x-vmw-nsx-module: PolicyLoadBalancer LBVariableCondition: allOf: - $ref: '#/definitions/LBRuleCondition' - properties: case_sensitive: default: true description: | If true, case is significant when comparing variable value. title: |- A case sensitive flag for variable value comparing type: boolean match_type: default: REGEX description: |- Match type of variable value enum: - STARTS_WITH - ENDS_WITH - EQUALS - CONTAINS - REGEX type: string variable_name: description: |- Name of the variable to be matched title: |- Name of the variable to be matched type: string variable_value: description: |- Value of variable to be matched title: |- Value of variable to be matched type: string required: - variable_value - variable_name type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This condition is used to match variable's name and value at all phases. The variables could be captured from REGEX or assigned by LBVariableAssignmentAction or system embedded variable. Varialbe_name and variable_value should be matched at the same time. title: |- Condition to match IP header fields x-vmw-nsx-module: PolicyLoadBalancer LBVariablePersistenceLearnAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: persistence_profile_path: description: | If the persistence profile path is not specified, a default persistence table is created per virtual server. Currently, only LBGenericPersistenceProfile is supported. title: |- Path to LBPersistenceProfile type: string variable_hash_enabled: default: false description: | The property is used to enable a hash operation for variable value when composing the persistence key. title: |- Whether to enable a hash operation for variable value type: boolean variable_name: description: | The property is the name of variable to be learnt. It is used to identify which variable's value is learnt from HTTP response. The variable can be a built-in variable such as "_cookie_JSESSIONID", a customized variable defined in LBVariableAssignmentAction or a captured variable in regular expression such as "article". For the full list of built-in variables, please reference the NSX-T Administrator's Guide. title: |- Variable name type: string required: - variable_name type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is performed in HTTP response rewrite phase. It is used to learn the value of variable from the HTTP response, and insert an entry into the persistence table if the entry doesn't exist. title: |- Action to learn the variable value x-vmw-nsx-module: PolicyLoadBalancer LBVariablePersistenceOnAction: allOf: - $ref: '#/definitions/LBRuleAction' - properties: persistence_profile_path: description: | If the persistence profile path is not specified, a default persistence table is created per virtual server. Currently, only LBGenericPersistenceProfile is supported. title: |- Path to LBPersistenceProfile type: string variable_hash_enabled: default: false description: | The property is used to enable a hash operation for variable value when composing the persistence key. title: |- Whether to enable a hash operation for variable value type: boolean variable_name: description: | The property is the name of variable to be used. It specifies which variable's value of a HTTP Request will be used in the key of persistence entry. The variable can be a built-in variable such as "_cookie_JSESSIONID", a customized variable defined in LBVariableAssignmentAction or a captured variable in regular expression such as "article". For the full list of built-in variables, please reference the NSX-T Administrator's Guide. title: |- Variable name type: string required: - variable_name type: object x-vmw-nsx-module: PolicyLoadBalancer description: | This action is performed in HTTP forwarding phase. It is used to inspect the variable of HTTP request, and look up the persistence entry with its value and pool uuid as key. If the persistence entry is found, the HTTP request is forwarded to the recorded backend server according to the persistence entry. If the persistence entry is not found, a new entry is created in the table after backend server is selected. title: |- Action to persist the variable value x-vmw-nsx-module: PolicyLoadBalancer LBVirtualServer: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: access_list_control: $ref: '#/definitions/LBAccessListControl' access_log_enabled: default: false description: | If access log is enabled, all HTTP requests sent to L7 virtual server are logged to the access log file. Both successful returns information responses(1xx), successful responses(2xx), redirection messages(3xx) and unsuccessful requests, backend server returns 4xx or 5xx, are logged to access log, if enabled. All L4 virtual server connections are also logged to the access log if enabled. The non-significant events such as successful requests are not logged if log_significant_event_only is set to true. title: |- Access log enabled setting type: boolean application_profile_path: description: | The application profile defines the application protocol characteristics. It is used to influence how load balancing is performed. Currently, LBFastTCPProfile, LBFastUDPProfile and LBHttpProfile, etc are supported. title: |- Application profile path type: string client_ssl_profile_binding: $ref: '#/definitions/LBClientSslProfileBinding' default_pool_member_ports: description: | Default pool member ports when member port is not defined. items: description: | Examples- Single port "8080", Range of ports "8090-8095" format: port-or-range type: string maxItems: 14 title: |- Default pool member ports when member port is not defined. type: array enabled: default: true description: |- Flag to enable the load balancer virtual server. title: |- whether the virtual server is enabled type: boolean ip_address: description: | Configures the IP address of the LBVirtualServer where it receives all client connections and distributes them among the backend servers. format: ip type: string lb_persistence_profile_path: description: | Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is disabled by default. title: |- Persistence Profile used by LBVirtualServer type: string lb_service_path: description: | virtual servers can be associated to LBService(which is similar to physical/virtual load balancer), LB virtual servers, pools and other entities could be defined independently, the LBService identifier list here would be used to maintain the relationship of LBService and other LB entities. title: |- Path to LBService object for LBVirtualServer type: string log_significant_event_only: default: false description: | The property log_significant_event_only can take effect only when access_log_enabled is true. If log_significant_event_only is true, significant events are logged in access log. For L4 virtual server, significant event means unsuccessful(error or dropped) TCP/UDP connections. For L7 virtual server, significant event means unsuccessful connections or HTTP/HTTPS requests which have error response code(e.g. 4xx, 5xx). title: |- Log only significant event in access log type: boolean max_concurrent_connections: description: | To ensure one virtual server does not over consume resources, affecting other applications hosted on the same LBS, connections to a virtual server can be capped. If it is not specified, it means that connections are unlimited. The property is deprecated as NSX-T Load Balancer is deprecated. format: int64 maximum: 2147483647 minimum: 1 title: |- Maximum concurrent connection number type: integer x-deprecated: true max_new_connection_rate: description: | To ensure one virtual server does not over consume resources, connections to a member can be rate limited. If it is not specified, it means that connection rate is unlimited. The property is deprecated as NSX-T Load Balancer is deprecated. format: int64 maximum: 2147483647 minimum: 1 title: |- Maximum new connection rate in connections per second type: integer x-deprecated: true pool_path: description: | The server pool(LBPool) contains backend servers. Server pool consists of one or more servers, also referred to as pool members, that are similarly configured and are running the same application. title: |- Default server pool path type: string ports: description: | Ports contains a list of at least one port or port range such as "80", "1234-1236". Each port element in the list should be a single port or a single port range. items: description: | Examples- Single port "8080", Range of ports "8090-8095" format: port-or-range type: string title: |- Virtual server port number(s) or port range(s) type: array rules: description: | Load balancer rules allow customization of load balancing behavior using match/action rules. Currently, load balancer rules are supported for only layer 7 virtual servers with LBHttpProfile. The property is deprecated as NSX-T Load Balancer is deprecated. items: $ref: '#/definitions/LBRule' maxItems: 4000 title: |- List of load balancer rules type: array x-deprecated: true server_ssl_profile_binding: $ref: '#/definitions/LBServerSslProfileBinding' sorry_pool_path: description: | When load balancer can not select a backend server to serve the request in default pool or pool in rules, the request would be served by sorry server pool. The property is deprecated as NSX-T Load Balancer is deprecated. title: |- Sorry server pool path type: string x-deprecated: true required: - ip_address - ports - application_profile_path type: object x-vmw-nsx-module: PolicyLoadBalancer description: | All the types of LBVirtualServer extend from this abstract class. This is present for extensibility. title: |- Base class for each type of LBVirtualServer x-vmw-nsx-module: PolicyLoadBalancer LBVirtualServerListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- LBVirtualServer list results items: $ref: '#/definitions/LBVirtualServer' title: |- LBVirtualServer list results type: array required: - results type: object x-vmw-nsx-module: PolicyLoadBalancer description: |- Paged Collection of LBVirtualServers title: |- Paged Collection of LBVirtualServers x-vmw-nsx-module: PolicyLoadBalancer LBVirtualServerStatistics: allOf: - $ref: '#/definitions/LBVirtualServerStatisticsPerEP' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated. format: int64 readOnly: true type: integer statistics: $ref: '#/definitions/LBStatisticsCounter' virtual_server_path: description: |- load balancer virtual server object path. readOnly: true title: |- load balancer virtual server object path type: string type: object x-vmw-nsx-module: PolicyLBStatistics x-vmw-nsx-module: PolicyLBStatistics LBVirtualServerStatisticsPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: type: string required: - resource_type type: object x-vmw-nsx-module: PolicyLBStatistics description: |- LBVirtualServerStatistics on specific Enforcement Point title: |- LBVirtualServerStatistics on specific Enforcement Point x-vmw-nsx-module: PolicyLBStatistics LBVirtualServerStatus: allOf: - $ref: '#/definitions/LBVirtualServerStatusPerEP' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated. format: int64 readOnly: true type: integer status: description: | UP means that all primary members in default pool are in UP status. For L7 virtual server, if there is no default pool, the virtual server would be treated as UP. PARTIALLY_UP means that some(not all) primary members in default pool are in UP status. The size of these active primary members should be larger than or equal to the certain number(min_active_members) which is defined in LBPool. When there are no backup members which are in the UP status, the number(min_active_members) would be ignored. PRIMARY_DOWN means that less than certain(min_active_members) primary members in default pool are in UP status but backup members are in UP status, the connections would be dispatched to backup members. DOWN means that all primary and backup members are in DOWN status. DETACHED means that the virtual server is not bound to any service. DISABLED means that the admin state of the virtual server is disabled. UNKOWN means that no status reported from transport-nodes. The associated load balancer service may be working(or not working). enum: - UP - PARTIALLY_UP - PRIMARY_DOWN - DOWN - DETACHED - DISABLED - UNKNOWN readOnly: true title: |- Virtual server status type: string virtual_server_path: description: |- load balancer virtual server object path. readOnly: true title: |- load balancer virtual server object path type: string type: object x-vmw-nsx-module: PolicyLBStatistics x-vmw-nsx-module: PolicyLBStatistics LBVirtualServerStatusPerEP: allOf: - $ref: '#/definitions/PolicyRuntimeInfoPerEP' - discriminator: resource_type properties: resource_type: type: string required: - resource_type type: object x-vmw-nsx-module: PolicyLBStatistics description: |- LBVirtualServerStatus on specific Enforcement Point title: |- LBVirtualServerStatus on specific Enforcement Point x-vmw-nsx-module: PolicyLBStatistics Label: description: |- Label that will be displayed for a UI element. properties: condition: description: |- If the condition is met then the label will be applied. Examples of expression syntax are provided under example_request section of CreateWidgetConfiguration API. maxLength: 1024 title: |- Expression for evaluating condition type: string hover: default: false description: |- If true, displays the label only on hover title: |- Show label only on hover type: boolean icons: description: |- Icons to be applied at dashboard for the label items: $ref: '#/definitions/Icon' minItems: 0 title: |- Icons type: array navigation: description: |- Hyperlink of the specified UI page that provides details. maxLength: 1024 title: |- Navigation to a specified UI page type: string text: description: |- Text to be displayed at the label. maxLength: 255 title: |- Label text type: string required: - text title: |- Label type: object x-vmw-nsx-module: NsxDashboard LabelValueConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - properties: layout: $ref: '#/definitions/Layout' navigation: description: |- Hyperlink of the specified UI page that provides details. maxLength: 1024 title: |- Navigation to a specified UI page type: string properties: description: |- An array of label-value properties. items: $ref: '#/definitions/PropertyItem' title: |- Rows type: array sub_type: description: |- A sub-type of LabelValueConfiguration. If sub-type is not specified the parent type is rendered. For VERTICALLY_ALIGNED sub_type, the value is placed below the label. For HORIZONTALLY_ALIGNED sub_type, the value is placed right hand side of the label. enum: - VERTICALLY_ALIGNED - HORIZONTALLY_ALIGNED title: |- Sub-type of the LabelValueConfiguration type: string required: - properties type: object x-vmw-nsx-module: NsxDashboard description: |- Represents a Label-Value widget configuration title: |- Label Value Dashboard Widget Configuration x-vmw-nsx-module: NsxDashboard LacpGroupConfigInfo: properties: key: description: | The key represents the identifier for the group that is unique across VC. readOnly: false title: |- The generated key as the identifier for the group type: string load_balance_algorithm: description: | Load balance algorithm used in LACP group. The possible values are dictated by the values available in VC. Please refer VMwareDvsLacpLoadBalanceAlgorithm documentation for a full list of values. A few examples are srcDestIp where source and destination IP are considered, srcIp where only source IP is considered. readOnly: false title: |- Load balance policy type: string mode: description: | The mode of LACP can be ACTIVE or PASSIVE. If the mode is ACTIVE, LACP is enabled unconditionally. If the mode is PASSIVE, LACP is enabled only if LACP device is detected. enum: - ACTIVE - PASSIVE readOnly: false title: |- The mode of Link Aggregation Control Protocol (LACP) type: string name: description: |- The display name of the LACP group. readOnly: false title: |- The display name type: string timeout_type: default: SLOW description: |- To set the lag mode as fast for LACP. By default, it will be slow. enum: - FAST - SLOW readOnly: false title: |- LACP timeout mode type: string uplink_names: description: |- Names for the uplink ports in the group. items: type: string readOnly: false title: |- Uplink names type: array uplink_num: description: |- The number of uplink ports format: int64 readOnly: false title: |- The number of uplink ports type: integer uplink_port_keys: description: | Keys for the uplink ports in the group. Each uplink port is assigned a key that is unique across VC. items: type: string readOnly: false title: |- Keys for the uplink ports type: array type: object x-vmw-nsx-module: InventoryCmInvComm Lag: description: |- LACP group properties: id: description: |- unique id readOnly: true title: |- unique id type: string load_balance_algorithm: description: |- LACP load balance Algorithm enum: - SRCMAC - DESTMAC - SRCDESTMAC - SRCDESTIPVLAN - SRCDESTMACIPPORT title: |- LACP load balance Algorithm type: string mode: description: |- LACP group mode enum: - ACTIVE - PASSIVE title: |- LACP group mode type: string name: description: |- Lag name title: |- Lag name type: string number_of_uplinks: description: |- number of uplinks format: int32 maximum: 32 minimum: 2 title: |- number of uplinks type: integer timeout_type: default: SLOW description: |- LACP timeout type enum: - SLOW - FAST title: |- LACP timeout type type: string uplinks: description: |- uplink names items: $ref: '#/definitions/Uplink' maxItems: 32 readOnly: true title: |- uplink names type: array required: - load_balance_algorithm - mode - name - number_of_uplinks title: |- LACP group type: object x-vmw-nsx-module: UplinkHostSwitchProfile Layout: description: |- Represents layout of a container or widget properties: properties: $ref: '#/definitions/LayoutProperties' type: default: HORIZONTAL description: |- Describes layout of a container or widget. Layout describes how individual widgets are placed inside the container. For example, if HORIZONTAL is chosen widgets are placed side by side inside the container. If VERTICAL is chosen then widgets are placed one below the other. If GRID is chosen then the container or widget display area is divided into a grid of m rows and n columns, as specified in the properties, and the widgets are placed inside the grid. If AUTO is chosen then container or widgets display area will be automatically calculated depending upon the required width. enum: - HORIZONTAL - VERTICAL - GRID - AUTO title: |- Type of layout of a container or widget type: string title: |- Layout of a container or widget type: object x-vmw-nsx-module: NsxDashboard LayoutProperties: description: |- Properties of the layout of a container or widget properties: num_columns: description: |- Describes the number of columns of grid layout of a container or widget. This property is applicable for grid layout only. format: int32 title: |- Number of columns of grid type: integer num_rows: description: |- Describes the number of rows of grid layout of a container or widget. This property is applicable for grid layout only. format: int32 title: |- Number of rows of grid type: integer title: |- Layout properties of a container or widget type: object x-vmw-nsx-module: NsxDashboard LbHttpRequestHeader: properties: header_name: description: |- Name of HTTP request header title: |- Name of HTTP request header type: string header_value: description: |- Value of HTTP request header title: |- Value of HTTP request header type: string required: - header_value - header_name type: object x-vmw-nsx-module: LoadBalancer LbSslCipherAndProtocolListResult: allOf: - $ref: '#/definitions/ListResult' - properties: ciphers: description: |- List of SSL ciphers items: $ref: '#/definitions/LbSslCipherInfo' title: |- List of SSL ciphers type: array protocols: description: |- List of SSL protocols items: $ref: '#/definitions/LbSslProtocolInfo' title: |- List of SSL protocols type: array required: - ciphers - protocols type: object x-vmw-nsx-module: LoadBalancer x-vmw-nsx-module: LoadBalancer LbSslCipherInfo: description: |- SSL cipher properties: cipher: description: |- SSL cipher enum: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA - TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 type: string cipher_group_labels: description: | Several cipher groups might contain the same cipher suite, each cipher suite could have multiple cipher group labels. items: description: |- SSL cipher group enum: - BALANCED - HIGH_SECURITY - HIGH_COMPATIBILITY - CUSTOM type: string title: |- Cipher group label list type: array is_default: description: |- Default SSL cipher flag title: |- Default SSL cipher flag type: boolean is_secure: description: |- Secure/insecure SSL cipher flag title: |- Secure/insecure SSL cipher flag type: boolean required: - is_default - is_secure - cipher title: |- SSL cipher type: object x-vmw-nsx-module: LoadBalancer LbSslProtocolInfo: description: |- SSL protocol properties: is_default: description: |- Default SSL protocol flag title: |- Default SSL protocol flag type: boolean is_secure: description: |- Secure/insecure SSL protocol flag title: |- Secure/insecure SSL protocol flag type: boolean protocol: description: |- SSL protocol enum: - SSL_V2 - SSL_V3 - TLS_V1 - TLS_V1_1 - TLS_V1_2 type: string required: - is_default - is_secure - protocol title: |- SSL protocol type: object x-vmw-nsx-module: LoadBalancer LdapIdentitySource: allOf: - $ref: '#/definitions/ManagedResource' - discriminator: resource_type properties: alternative_domain_names: description: |- After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes. items: type: string title: |- Additional domains to be directed to this identity source type: array base_dn: description: |- The subtree of the LDAP identity source to search when locating users and groups. title: |- DN of subtree for user and group searches type: string domain_name: description: |- The name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use. title: |- Authentication domain name type: string ldap_servers: description: |- The list of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported. items: $ref: '#/definitions/IdentitySourceLdapServer' maxItems: 3 title: |- LDAP servers for this identity source type: array resource_type: enum: - ActiveDirectoryIdentitySource - OpenLdapIdentitySource type: string required: - domain_name - resource_type - base_dn type: object x-vmw-nsx-module: LdapIdentitySources description: |- This is the base type for all identity sources that use LDAP for authentication and group membership. title: |- An LDAP identity source x-vmw-nsx-module: LdapIdentitySources LdapIdentitySourceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: items: $ref: '#/definitions/LdapIdentitySource' type: array type: object x-vmw-nsx-module: LdapIdentitySources description: |- The results of listing LDAP identity sources. title: |- List results containing LDAP identity sources x-vmw-nsx-module: LdapIdentitySources LdapIdentitySourceProbeResults: allOf: - $ref: '#/definitions/Resource' - properties: results: description: |- Probe results for all probed LDAP servers. items: $ref: '#/definitions/IdentitySourceLdapServerProbeResult' title: |- Probe results type: array type: object x-vmw-nsx-module: LdapIdentitySources description: |- Results from probing all LDAP servers in an LDAP identity source configuration. title: |- Results from probing all LDAP servers x-vmw-nsx-module: LdapIdentitySources LdapIdentitySourceSearchResultItem: properties: common_name: description: |- The Common Name (CN) of the entry, if available. title: |- Common Name (CN) of entry type: string dn: description: |- Distinguished name (DN) of the entry. title: |- DN of the entry type: string principal_name: description: |- For Active Directory (AD) users, this will be the user principal name (UPN), in the format user@domain. For non-AD users, this will be the user's uid property, followed by "@" and the domain of the directory. For groups, this will be the group's common name, followed by "@" and the domain of the directory. title: |- The principal name of the user or group, if available type: string type: description: |- Describes the type of the entry enum: - USER - GROUP title: |- Type of the entry type: string type: object x-vmw-nsx-module: LdapIdentitySources LdapIdentitySourceSearchResultList: allOf: - $ref: '#/definitions/Resource' - properties: results: items: $ref: '#/definitions/LdapIdentitySourceSearchResultItem' type: array type: object x-vmw-nsx-module: LdapIdentitySources description: |- A list of LDAP entries returned from a search of an LDAP identity source. title: |- A list of LDAP search results x-vmw-nsx-module: LdapIdentitySources LdapProbeError: description: |- Detail about one error encountered during a probe. properties: error_type: description: | The cause of the error. BASE_DN_NOT_FOUND: The configured base DN does not exist on the LDAP server or is not readable. BIND_DN_AND_PASSWORD_REQUIRED: This server is configured to require a bind DN and password. Please add these to your LDAP server configuration. BIND_DN_INVALID: The bind DN or username provided is not valid on the LDAP server. Check that the bind DN is correct. This error may also indicate that the base DN in your configuration is incorrect. CERTIFICATE_HOSTNAME_MISMATCH_ERROR: The hostname configured for the LDAP server does not match the hostname in the server's certificate subject or alternative subject names. Be sure that the hostname you configure in NSX Manager matches one of those names. CERTIFICATE_MISMATCH_ERROR: The certificate presented by the LDAP server did not match the certificate in the configuration on the NSX Manager. CONNECTION_REFUSED: The connection was refused when contacting the LDAP server. Ensure that the LDAP server is running and that you are using the correct ip/hostname. CONNECTION_TIMEOUT: The connection timed out when contacting the LDAP server. Check the hostname/ip and any firewalls between the NSX Manager and the LDAP server. GENERAL_ERROR: An undetermined error occurred. INVALID_CONFIGURED_CERTIFICATE: The certificate configured for this LDAP server is invalid and could not be decoded. Check that the PEM-formatted certificate you provided is correct. INVALID_CREDENTIALS: The username and/or password are incorrect. SSL_HANDSHAKE_ERROR: An error occurred while establishing a secure connection with the LDAP server. Check that the LDAP server's certificate is correct, and that it is using an SSL/TLS cipher suite that is compatible with the NSX Manager. This error can also occur if the hostname you have configured for the LDAP server does not match any of the hostnames in the Subject Alternative Name records in the server certificate. STARTTLS_FAILED: Unable to use StartTLS to upgrade the connection to use TLS. Ensure that the LDAP server supports TLS and if not, use LDAP or LDAPS as the protocol. UNKNOWN_HOST: The hostname of the LDAP server could not be resolved. NO_ROUTE_TO_HOST: There is no network route to the host. BIND_EXCEPTION: A socket to the remote host could not be opened. PORT_UNREACHABLE: The LDAP port is not open on the remote host. BASE_DN_NOT_WITHIN_DOMAIN: For Active Directory, the base DN is not a subtree of the Domain Component tree corresponding to the LDAP domain. For example, if the domain is "example.com", the baseDN should be "dc=example, dc=com" or a subtree like "ou=Users,dc=example,dc=com". LDAP_SERVER_DISABLED: The LDAP server is marked as disabled in the NSX configuration and will not be used. enum: - BASE_DN_NOT_FOUND - BIND_DN_AND_PASSWORD_REQUIRED - BIND_DN_INVALID - CERTIFICATE_HOSTNAME_MISMATCH_ERROR - CERTIFICATE_MISMATCH_ERROR - CONNECTION_REFUSED - CONNECTION_TIMEOUT - GENERAL_ERROR - INVALID_CONFIGURED_CERTIFICATE - INVALID_CREDENTIALS - SSL_HANDSHAKE_ERROR - STARTTLS_FAILED - UNKNOWN_HOST - NO_ROUTE_TO_HOST - BIND_EXCEPTION - PORT_UNREACHABLE - BASE_DN_NOT_WITHIN_DOMAIN - LDAP_SERVER_DISABLED title: |- Error type type: string title: |- Error detail from probe type: object x-vmw-nsx-module: LdapIdentitySources Legend: description: |- Represents legend that describes the entities of the widget. properties: alignment: default: VERTICAL description: |- Describes the alignment of legend. Alignment of a legend denotes how individual items of the legend are aligned in a container. For example, if VERTICAL is chosen then the items of the legend will appear one below the other and if HORIZONTAL is chosen then the items will appear side by side. enum: - HORIZONTAL - VERTICAL title: |- Alignment of the legend type: string display_count: default: true description: |- If set to true, it will display the counts in legend. If set to false, counts of entities are not displayed in the legend. title: |- Show count of entities in the legend type: boolean display_mode: default: SHOW_ALL_LEGENDS description: |- Display mode for legends. enum: - SHOW_ALL_LEGENDS - SHOW_MIN_NO_OF_LEGENDS - SHOW_OTHER_GROUP_WITH_LEGENDS title: |- Display mode for legends. type: string filterable: default: false description: |- Show checkbox along with legends if value is set to true. Widget filtering capability can be enable based on legend checkbox selection. for 'display_mode' SHOW_OTHER_GROUP_WITH_LEGENDS filterable property is not supported. title: |- Show checkbox along with legends if value is set to true type: boolean min_legends_display_count: default: 3 description: |- A minimum number of legends to be displayed upfront. if 'display_mode' is set to SHOW_MIN_NO_OF_LEGENDS then this property value will be used to display number of legends upfront in the UI. format: int32 maximum: 12 minimum: 1 title: |- A minimum number of legends to be displayed. type: integer other_group_legend_label: default: WIDGET_LABEL_OTHER_LEGEND_LABEL description: |- A translated label for showing other category label in legends. title: |- A label for showing other category in legends. type: string position: default: RIGHT description: |- Describes the relative placement of legend. The legend of a widget can be placed either to the TOP or BOTTOM or LEFT or RIGHT relative to the widget. For example, if RIGHT is chosen then legend is placed to the right of the widget. enum: - TOP - BOTTOM - LEFT - RIGHT - TOP_RIGHT title: |- Placement of legend type: string type: default: CIRCLE description: |- Describes the render type for the legend. The legend for an entity describes the entity in the widget. The supported legend type is a circle against which the entity's details such as display_name are shown. The color of the circle denotes the color of the entity shown inside the widget. enum: - CIRCLE title: |- Type of the legend type: string unit: description: |- Show unit of entities in the legend. title: |- Show unit of entities in the legend type: string title: |- Legend for the widget type: object x-vmw-nsx-module: NsxDashboard LegendWidgetConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - properties: layout: $ref: '#/definitions/Legend' source_widget_id: description: |- Id of source widget, if any. Id should be a valid id of an existing widget. This property can be used to identify the source of the data for this legend widget. maxLength: 255 title: |- Id of source widget for this legend widget type: string required: - layout - source_widget_id type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration for Legend widget. For this widget the data source is not applicable. This widget can be use to add the Legend inside the dashboard container. title: |- Legend widget Configuration x-vmw-nsx-module: NsxDashboard LineChartPlotConfiguration: allOf: - $ref: '#/definitions/WidgetPlotConfiguration' - properties: fill_gradient_area: description: | Fill the line chart area with a gradient series color. title: |- Fill the line chart area with a gradient series color. type: boolean num_of_series_to_display: description: |- Specifies the number of series to be displayed in a line chart. If no value is provided all the series will be displayed. format: int32 maximum: 16 minimum: 1 title: |- A number of series to be displayed upfront. type: integer show_curved_lines: default: true description: | Used for displaying the curved lines for a series in a line chart. By default, straight line is used to for a series in a line chart. title: |- Show curved lines for series type: boolean show_data_in_tooltip: default: false description: | Show the data in tooltip. title: |- Show data in tooltip. type: boolean show_data_points: default: true description: | Controls the visiblity of the data points on the line chart. If value is set to false data points wont be high- lighted on the lines. title: |- Show the Data point highlighting in line chart type: boolean show_grid_lines: default: true description: | Controls the visiblity of the grid lines in line chart. title: |- Show grid lines type: boolean show_grouped_tooltip: default: false description: | Controls the visiblity of the grouped tooltip in a line chart across all series. title: |- Derives to show the grouped tooltip type: boolean show_min_max_on_series: default: false description: | Controls the visiblity of the min and max value across line series in line chart. title: |- Show min and max value on line series type: boolean show_unit_in_tooltip: default: false description: | Show the data unit in tooltip. title: |- Show data unit in tooltip. type: boolean sort_data_in_grouped_tooltip: default: false description: | Sort the data in grouped tooltip. title: |- Sort the data in grouped tooltip type: boolean sort_series: default: false description: | Specifies whether the series should be sorted by the latest data point. title: |- Perform sorting on series using the latest data point type: boolean type: object x-vmw-nsx-module: NsxDashboard description: |- A line chart plotting configuration. title: |- A line chart plotting configuration x-vmw-nsx-module: NsxDashboard ListResult: allOf: - $ref: '#/definitions/Resource' - properties: cursor: description: |- Opaque cursor to be used for getting next page of records (supplied by current result page) readOnly: true title: |- Opaque cursor to be used for getting next page of records (supplied by current result page) type: string result_count: description: |- Count of results found (across all pages), set only on first page format: int64 readOnly: true title: |- Count of results found (across all pages), set only on first page type: integer sort_ascending: description: |- If true, results are sorted in ascending order readOnly: true title: |- If true, results are sorted in ascending order type: boolean sort_by: description: |- Field by which records are sorted readOnly: true title: |- Field by which records are sorted type: string type: object x-vmw-nsx-module: Common description: |- Base class for list results from collections title: |- Base class for list results from collections x-vmw-nsx-module: Common LiveTraceActionConfig: properties: pktcap_config: $ref: '#/definitions/PktcapActionConfig' trace_config: $ref: '#/definitions/TraceActionConfig' type: object x-vmw-nsx-module: LiveTrace LiveTraceConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: actions: $ref: '#/definitions/PolicyLiveTraceActionConfig' filter: $ref: '#/definitions/LiveTraceFilterData' is_transient: default: true description: | This field indicates whether the intent is transient. If it is set to true, intent will be cleaned up after 1 hour of inactivity. title: |- Marker to indicate if the intent is transient type: boolean src_port_path: description: | Policy path of logical port to start a livetrace session. title: |- Policy path of logical port type: string timeout: default: 10 description: | The duration for observing live traffic on the specified source logical port. format: int64 maximum: 300 minimum: 5 title: |- Timeout in seconds for livetrace session type: integer required: - src_port_path - actions type: object x-vmw-nsx-module: PolicyConnectivity description: |- Livetrace configuration title: |- Livetrace configuration x-vmw-nsx-module: PolicyConnectivity LiveTraceConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- LiveTraceConfig list results items: $ref: '#/definitions/LiveTraceConfig' title: |- LiveTraceConfig list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of LiveTraceConfig entities title: |- Paged collection of LiveTraceConfig entities x-vmw-nsx-module: PolicyConnectivity LiveTraceFilterData: discriminator: resource_type properties: resource_type: description: |- Filter type enum: - FieldsFilterData - PlainFilterData title: |- Filter type type: string required: - resource_type type: object x-vmw-nsx-module: LiveTrace LiveTraceFilterInvalidInfo: properties: filter: $ref: '#/definitions/LiveTraceFilterData' reason: description: |- The description of why the filter is rejected by the transport node. readOnly: true title: |- Reason of invalid packet filter type: string type: object x-vmw-nsx-module: LiveTrace LiveTraceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Livetrace status list items: $ref: '#/definitions/LiveTraceStatus' title: |- Livetrace status list type: array type: object x-vmw-nsx-module: LiveTrace x-vmw-nsx-module: LiveTrace LiveTracePacketGranularActionConfig: description: |- Configuration of livetrace packet granular action properties: dest_port_path: description: | Policy path of logical port for the reverse direction of a livetrace session. It is required only when the trace type is bidirectional. Multiple bi-directional actions in a livetrace session should have the same port specified for the reverse direction. title: |- Policy path of logical port type: string reverse_filter: $ref: '#/definitions/LiveTraceFilterData' sampling: $ref: '#/definitions/LiveTraceSamplingConfig' trace_type: description: |- Type of trace enum: - UNI_DIRECTIONAL - BI_DIRECTIONAL title: |- Type of trace type: string required: - trace_type - sampling title: |- Configuration of livetrace packet granular action type: object x-vmw-nsx-module: PolicyConnectivity LiveTraceResult: properties: id: description: | The id is assigned by Livetrace and cannot be specified by user. readOnly: true title: |- ID of a livetrace session type: string pktcap_results: description: |- PktCap action results items: $ref: '#/definitions/PktCapResult' title: |- PktCap action results type: array trace_results: description: |- Trace action observation list results items: $ref: '#/definitions/TraceResult' title: |- Trace action observation list results type: array type: object x-vmw-nsx-module: LiveTrace LiveTraceSamplingConfig: description: |- Sampling parameter for a livetrace action properties: match_number: description: | First N packets are sampled. The upper limits of sampling number for trace and packet capture actions are 50 and 500, respectively. format: int64 maximum: 500 minimum: 1 title: |- Parameter for first-N sampling. type: integer sampling_interval: description: | A packet is sampled for every given time interval in ms. format: int64 maximum: 30000 minimum: 1 title: |- Parameter for interval based sampling type: integer sampling_rate: description: | 1 out of N packets is sampled on average. format: int64 maximum: 65535 minimum: 1 title: |- Parameter for packet number based sampling type: integer title: |- Sampling parameter for a livetrace action type: object x-vmw-nsx-module: PolicyConnectivity LiveTraceStatus: allOf: - $ref: '#/definitions/ManagedResource' - properties: actions: $ref: '#/definitions/LiveTraceActionConfig' filter: $ref: '#/definitions/LiveTraceFilterData' filter_invalid_info: description: | The detail of invalid filter(s) in a Livetrace session. This field is only applicable for filters of PlainFilterData type. items: $ref: '#/definitions/LiveTraceFilterInvalidInfo' readOnly: true title: |- Detail on invalid filter(s) in a Livetrace session. type: array invalidation_reason: description: | The reason of invalidating a Livetrace session. PORT_DISCONNECT - Source or destination logical port of the session is disconnected. DP_DESTROY - Dataplane is destroyed. UNKNOWN - The invalidation reason cannot be determined. enum: - PORT_DISCONNECT - DP_DESTROY - UNKNOWN readOnly: true title: |- Livetrace invalidation reason type: string operation_state: description: | The operation state of Livetrace. IN_PROGRESS - collecting the session results. FINISHED - session results collection completes. PARTIAL_FINISHED - session results may be incomplete. CANCELED - session is cancelled by exception. INVALIDATED - session is invalidated by configuration changes such as VM migration. TIMEOUT - session is not completed on time. enum: - IN_PROGRESS - FINISHED - PARTIAL_FINISHED - CANCELED - INVALIDATED - TIMEOUT readOnly: true title: |- Operation state type: string request_status: description: | The status of a Livetrace request. SUCCESS_DELIVERED - The request is delivered successfully. LCP_FAILURE - LCP agent fails to realize the request. INVALID_FILTER - Filter is invalid. DATAPATH_FAILURE - Dataplane fails to realize the request. TIMEOUT - The response to the request is not received within timeout. CONNECTION_ERROR - There is connection error between host components. UNKNOWN - The status of request cannot be determined. enum: - SUCCESS_DELIVERED - LCP_FAILURE - INVALID_FILTER - DATAPATH_FAILURE - CONNECTION_ERROR - TIMEOUT - UNKNOWN readOnly: true title: |- Livetrace request status type: string source_lport: description: |- The source logical port readOnly: true title: |- The source logical port type: string timeout: description: |- Timeout in seconds for livetrace session format: int64 maximum: 300 minimum: 5 readOnly: true title: |- Timeout in seconds for livetrace session type: integer type: object x-vmw-nsx-module: LiveTrace x-vmw-nsx-module: LiveTrace LocalEgress: description: | Local Egress is used on both server and client sites so that the gateway is used for N-S traffic and overhead on L2VPN tunnel is reduced. properties: optimized_ips: description: | Gateway IP for Local Egress. Local egress is enabled only when this list is not empty. items: description: |- IPv4 or IPv6 address format: ip type: string maxItems: 1 minItems: 1 title: |- Gateway IP for Local Egress type: array title: |- Local Egress type: object x-vmw-nsx-module: PolicyConnectivity LocalEgressRoutingEntry: description: |- Local egress routing policy properties: nexthop_address: description: | Next hop address for proximity routing. title: |- Next hop address type: string prefix_list_paths: description: | The destination address of traffic matching a prefix-list is forwarded to the nexthop_address. Traffic matching a prefix list with Action DENY will be dropped. Individual prefix-lists specified could have different actions. items: type: string maxItems: 1 title: |- Policy path to prefix lists type: array required: - nexthop_address - prefix_list_paths title: |- Local egress routing policy type: object x-vmw-nsx-module: PolicyConnectivity LocaleServices: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: bfd_profile_path: description: | This profile is applied to all static route peers in this locale. BFD profile configured on static route peers takes precedence over global configuration. If this field is empty, a default profile is applied to all peers. title: |- Policy path of BFD profile type: string edge_cluster_path: description: | The reference to the edge cluster using the policy path of the edge cluster. Auto assigned on Tier0 if the associated enforcement point has only one edge cluster. For Tier1 ACTIVE-ACTIVE, edge cluster can not be removed and Edge Cluster will be defaulted to edge cluster from connected Tier0. title: |- Edge cluster path type: string ha_vip_configs: description: |- This configuration can be defined only for Active-Standby Tier0 gateway to provide redundancy. For mulitple external interfaces, multiple HA VIP configs must be defined and each config will pair exactly two external interfaces. The VIP will move and will always be owned by the Active node. When this property is configured, configuration of dynamic-routing is not allowed. items: $ref: '#/definitions/Tier0HaVipConfig' title: |- Array of HA VIP Config. type: array preferred_edge_paths: description: | Policy paths to edge nodes. For Tier1 gateway, the field is used to statically assign the ordered list of up to two edge nodes for stateful services. To enable auto allocation of nodes from the specified edge cluster the field must be left unset. The auto allocation of nodes is supported only for the Tier1 gateway. For Tier0 gateway specified edge is used as a preferred edge node when failover mode is set to PREEMPTIVE, not applicable otherwise. items: type: string maxItems: 2 title: |- Edge node path type: array route_redistribution_config: $ref: '#/definitions/Tier0RouteRedistributionConfig' route_redistribution_types: description: | Enable redistribution of different types of routes on Tier-0. This property is only valid for locale-service under Tier-0. This property is deprecated, please use "route_redistribution_config" property to configure redistribution rules. items: description: | Tier-0 route redistribution types. TIER0_STATIC: Redistribute user added static routes. TIER0_CONNECTED: Redistribute all subnets configured on Interfaces and routes related to TIER0_SEGMENT, TIER0_DNS_FORWARDER_IP, TIER0_IPSEC_LOCAL_IP, TIER0_NAT types. TIER1_STATIC: Redistribute all subnets and static routes advertised by Tier-1s. TIER0_EXTERNAL_INTERFACE: Redistribute external interface subnets on Tier-0. TIER0_LOOPBACK_INTERFACE: Redistribute loopback interface subnets on Tier-0. TIER0_SEGMENT: Redistribute subnets configured on Segments connected to Tier-0. TIER0_ROUTER_LINK: Redistribute router link port subnets on Tier-0 TIER0_SERVICE_INTERFACE: Redistribute Tier0 service interface subnets. TIER0_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets. TIER0_IPSEC_LOCAL_IP: Redistribute IPSec subnets. TIER0_NAT: Redistribute NAT IPs owned by Tier-0. TIER0_EVPN_TEP_IP: Redistribute EVPN local endpoint subnets on Tier-0. TIER1_NAT: Redistribute NAT IPs advertised by Tier-1 instances. TIER1_LB_VIP: Redistribute LB VIP IPs advertised by Tier-1 instances. TIER1_LB_SNAT: Redistribute LB SNAT IPs advertised by Tier-1 instances. TIER1_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets on Tier-1 instances. TIER1_CONNECTED: Redistribute all subnets configured on Segments and Service Interfaces. TIER1_SERVICE_INTERFACE: Redistribute Tier1 service interface subnets. TIER1_SEGMENT: Redistribute subnets configured on Segments connected to Tier1. TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets advertised by TIER1. Route redistribution destination is BGP. enum: - TIER0_STATIC - TIER0_CONNECTED - TIER0_EXTERNAL_INTERFACE - TIER0_SEGMENT - TIER0_ROUTER_LINK - TIER0_SERVICE_INTERFACE - TIER0_LOOPBACK_INTERFACE - TIER0_DNS_FORWARDER_IP - TIER0_IPSEC_LOCAL_IP - TIER0_NAT - TIER0_EVPN_TEP_IP - TIER1_NAT - TIER1_STATIC - TIER1_LB_VIP - TIER1_LB_SNAT - TIER1_DNS_FORWARDER_IP - TIER1_CONNECTED - TIER1_SERVICE_INTERFACE - TIER1_SEGMENT - TIER1_IPSEC_LOCAL_ENDPOINT type: string title: |- Enable redistribution of different types of routes on Tier-0 type: array x-deprecated: true type: object x-vmw-nsx-module: PolicyConnectivity description: |- Site specific configuration of Tier0 in multi-site scenario title: |- Locale-services configuration x-vmw-nsx-module: PolicyConnectivity LocaleServicesListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- LocaleServices results items: $ref: '#/definitions/LocaleServices' title: |- LocaleServices results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of LocaleServices title: |- Paged collection of LocaleServices x-vmw-nsx-module: PolicyConnectivity LogicalPortOperationalStatus: properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer logical_port_id: description: |- The id of the logical port readOnly: true title: |- The id of the logical port type: string status: description: |- The Operational status of the logical port enum: - UP - DOWN - UNKNOWN title: |- The Operational status of the logical port type: string required: - status type: object x-vmw-nsx-module: AggSvcLogicalPort LogicalPortStatistics: allOf: - $ref: '#/definitions/AggregatedDataCounterEx' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer logical_port_id: description: |- The id of the logical port readOnly: true title: |- The id of the logical port type: string type: object x-vmw-nsx-module: AggSvcLogicalPort x-vmw-nsx-module: AggSvcLogicalPort LogicalRouterPortCounters: properties: blocked_packets: description: |- The total number of packets blocked. format: int64 title: |- The number of blocked packets type: integer dad_dropped_packets: description: |- Number of duplicate address detected packets dropped. format: int64 title: |- The number of duplicate address detected packets dropped type: integer destination_unsupported_dropped_packets: description: |- Number of packtes dropped as destination is not supported. format: int64 title: |- The number of destination unsupported packets dropped type: integer dropped_packets: description: |- The total number of packets dropped. format: int64 title: |- The number of dropped packets type: integer firewall_dropped_packets: description: |- Number of firewall packets dropped. format: int64 title: |- The number of firewall packets dropped type: integer frag_needed_dropped_packets: description: |- Number of fragmentation needed packets dropped. format: int64 title: |- The number of fragmentation needed packets dropped type: integer ipsec_dropped_packets: description: |- Number of IPSec packets dropped format: int64 title: |- The number of IPSec packets dropped type: integer ipsec_no_sa_dropped_packets: description: |- Number of IPSec no security association packets dropped. format: int64 title: |- The number of IPSec no security association packets dropped type: integer ipsec_no_vti_dropped_packets: description: |- Number of IPSec packets dropped as no VTI is present. format: int64 title: |- The number of IPSec no VTI packets dropped type: integer ipsec_pol_block_dropped_packets: description: |- Number of IPSec policy block packets dropped. format: int64 title: |- The number of IPSec policy block packets dropped type: integer ipsec_pol_err_dropped_packets: description: |- Number of IPSec policy error packets dropped. format: int64 title: |- The number of IPSec policy error packets dropped type: integer ipv6_dropped_packets: description: |- Number of IPV6 packets dropped. format: int64 title: |- The number of IPV6 packets dropped type: integer kni_dropped_packets: description: |- Number of DPDK kernal NIC interface packets dropped. format: int64 title: |- The number of kernal NIC interface packets dropped type: integer l4port_unsupported_dropped_packets: description: |- Number of packets dropped due to unsupported L4 port. format: int64 title: |- The number of L4 port unsupported packets dropped type: integer malformed_dropped_packets: description: |- Number of packtes dropped as they are malformed. format: int64 title: |- The number of malformed packets dropped type: integer no_arp_dropped_packets: description: |- Number of no ARP packets dropped. format: int64 title: |- The number of no ARP packets dropped type: integer no_linked_dropped_packets: description: |- Number of packets dropped as no linked ports are present. format: int64 title: |- The number of no linked packets dropped type: integer no_mem_dropped_packets: description: |- Number of packets dropped due to insufficient memory. format: int64 title: |- The number of no memory packets dropped type: integer no_receiver_dropped_packets: description: |- Number of packets dropped due to absence of receiver. format: int64 title: |- The number of no receiver packets dropped type: integer no_route_dropped_packets: description: |- The number of no route packets dropped format: int64 title: |- The number of no route packets dropped type: integer non_ip_dropped_packets: description: |- Number of non IP packets dropped. format: int64 title: |- The number of non IP packets dropped type: integer proto_unsupported_dropped_packets: description: |- Number of packets dropped as protocol is unsupported. format: int64 title: |- The number of protocol unsupported packets dropped type: integer redirect_dropped_packets: description: |- Number of redirect packets dropped. format: int64 title: |- The number of redirect packets dropped type: integer rpf_check_dropped_packets: description: |- Number of reverse-path forwarding check packets dropped. format: int64 title: |- The number of reverse-path forwarding check packets dropped type: integer service_insert_dropped_packets: description: |- Number of service insert packets dropped. format: int64 title: |- The number of service insert packets dropped type: integer total_bytes: description: |- The total number of bytes transferred. format: int64 title: |- The total number of bytes type: integer total_packets: description: |- The total number of packets transferred. format: int64 title: |- The total number of packets type: integer ttl_exceeded_dropped_packets: description: |- Number of time to live exceeded packets dropped. format: int64 title: |- The number of time to live exceeded packets dropped type: integer type: object x-vmw-nsx-module: AggSvcLogicalRouterPort LogicalRouterPortStatistics: properties: logical_router_port_id: description: |- The ID of the logical router port title: |- The ID of the logical router port type: string per_node_statistics: additionalProperties: false description: |- Per Node Statistics items: $ref: '#/definitions/LogicalRouterPortStatisticsPerNode' readOnly: true title: |- Per Node Statistics type: array required: - logical_router_port_id type: object x-vmw-nsx-module: AggSvcLogicalRouterPort LogicalRouterPortStatisticsPerNode: allOf: - $ref: '#/definitions/AggregatedLogicalRouterPortCounters' - properties: transport_node_id: description: |- The ID of the TransportNode readOnly: true title: |- The ID of the TransportNode type: string type: object x-vmw-nsx-module: AggSvcLogicalRouterPort x-vmw-nsx-module: AggSvcLogicalRouterPort LogicalRouterPortStatisticsSummary: allOf: - $ref: '#/definitions/AggregatedLogicalRouterPortCounters' - properties: logical_router_port_id: description: |- The ID of the logical router port title: |- The ID of the logical router port type: string required: - logical_router_port_id type: object x-vmw-nsx-module: AggSvcLogicalRouterPort x-vmw-nsx-module: AggSvcLogicalRouterPort LogicalRouterState: allOf: - $ref: '#/definitions/EdgeConfigurationState' - type: object x-vmw-nsx-module: LogicalRouter description: |- This holds the state of Logical Router. If there are errors in realizing LR outside of MP, it gives details of the components and specific errors. title: |- Realization State of Logical Router. x-vmw-nsx-module: LogicalRouter LogicalRouterStatus: properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer locale_operation_mode: description: | Egress mode for the logical router at given mode enum: - PRIMARY_LOCATION - SECONDARY_LOCATION readOnly: true title: |- Location mode for logical router type: string logical_router_id: description: |- The id of the logical router title: |- The id of the logical router type: string per_node_status: description: |- Per Node Status items: $ref: '#/definitions/LogicalRouterStatusPerNode' readOnly: true title: |- Per Node Status type: array required: - logical_router_id type: object x-vmw-nsx-module: AggSvcLogicalRouter LogicalRouterStatusPerNode: properties: edge_path: description: |- Only populated by Policy APIs title: |- edge transport node path. type: string high_availability_status: description: |- A service router's HA status on an edge node enum: - ACTIVE - STANDBY - DOWN - SYNC - UNKNOWN - ADMIN_DOWN title: |- A service router's HA status on an edge node type: string service_router_id: description: |- id of the service router where the router status is retrieved. title: |- id of the service router where the router status is retrieved. type: string sub_cluster_id: description: | This field is populated for sateful active-active mode. Runtime state is only synced among nodes in the same sub cluster. title: |- Sub cluster id for the node. type: string transport_node_id: description: |- id of the transport node where the router status is retrieved. title: |- id of the transport node where the router status is retrieved. type: string required: - high_availability_status - transport_node_id type: object x-vmw-nsx-module: AggSvcLogicalRouter LogicalSwitchStatistics: allOf: - $ref: '#/definitions/AggregatedDataCounterEx' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer logical_switch_id: description: |- The id of the logical Switch readOnly: true title: |- The id of the logical Switch type: string type: object x-vmw-nsx-module: AggSvcLogicalSwitch x-vmw-nsx-module: AggSvcLogicalSwitch LoginLogoutEventCollection: description: |- Collection of Login/Logout events reported to Policy properties: login_logout_events: description: |- Set of user to IP address pair items: $ref: '#/definitions/LoginLogoutEventMap' title: |- Set of user to IP address pair type: array required: - login_logout_events title: |- Login/Logout event Collection type: object x-vmw-nsx-module: PolicyIdfwLoginLogoutEvents LoginLogoutEventMap: description: |- User Login/Logout event Map properties: domain_name: description: |- Domain name title: |- Domain name type: string event_source: enum: - LI type: string event_time: description: |- Timestamp in milliseconds since epoch format: int64 type: integer event_type: enum: - LOGIN - LOGOUT type: string ip_address: description: |- IP Address of user format: ip type: string user_name: description: |- User name title: |- User name type: string required: - event_source - event_type - event_time - user_name - domain_name - ip_address title: |- User Login/Logout event Map type: object x-vmw-nsx-module: PolicyIdfwLoginLogoutEvents MACAddressExpression: allOf: - $ref: '#/definitions/Expression' - properties: mac_addresses: description: |- This array can consist of one or more MAC addresses. items: description: | A MAC address. Must be 6 pairs of hexadecimal digits, upper or lower case, separated by colons or dashes. Examples: 01:23:45:67:89:ab, 01-23-45-67-89-AB. format: mac-address type: string maxItems: 4000 minItems: 1 title: |- Array of MAC addresses type: array required: - mac_addresses type: object x-vmw-nsx-module: Policy description: |- Represents MAC address expressions in the form of an array, to support addition of MAC addresses in a group. Avoid creating groups with multiple MACAddressExpression. In future releases, group will be restricted to contain a single MACAddressExpression. To group MAC addresses, use nested groups instead of multiple MACAddressExpression. title: |- MAC address expression node x-vmw-nsx-module: Policy MACAddressList: description: |- List of MAC Addresses. properties: mac_addresses: description: |- The array contains MAC addresses. items: description: | A MAC address. Must be 6 pairs of hexadecimal digits, upper or lower case, separated by colons or dashes. Examples: 01:23:45:67:89:ab, 01-23-45-67-89-AB. format: mac-address type: string maxItems: 4000 minItems: 1 title: |- Array of MAC addresses type: array required: - mac_addresses title: |- MAC Address members. type: object x-vmw-nsx-module: Policy MacAddressCsvListResult: allOf: - $ref: '#/definitions/CsvListResult' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/MacTableCsvRecord' type: array type: object x-vmw-nsx-module: AggSvcLogicalSwitch x-vmw-nsx-module: AggSvcLogicalSwitch MacDiscoveryProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: mac_change_enabled: default: false description: |- Allowing source MAC address change title: |- Is rule enabled or not type: boolean mac_learning_aging_time: default: 600 description: |- Indicates how long learned MAC address remain. format: int32 readOnly: true title: |- Aging time in seconds for learned MAC address type: integer mac_learning_enabled: description: |- Allowing source MAC address learning title: |- Is MAC learning enabled or not type: boolean mac_limit: default: 4096 description: | The maximum number of mac addresses that can be learnt on this port when mac learning is enabled. format: int32 maximum: 4096 minimum: 0 title: |- Maximum number of MAC addresses learnt type: integer mac_limit_policy: default: ALLOW description: |- The policy after MAC Limit is exceeded enum: - ALLOW - DROP title: |- Mac Limit Policy type: string remote_overlay_mac_limit: default: 2048 description: | The maximum number of mac addresses learnt on an overlay logical switch, irrespective of whether mac learning is enabled on the segment ports. When this limit is reached, traffic for mac addresses that are not learnt will be flooded. format: int32 maximum: 8192 minimum: 2048 title: |- The maximum number of MAC addresses learned on an overlay Logical Switch type: integer unknown_unicast_flooding_enabled: default: true description: |- Allowing flooding for unlearned MAC for ingress traffic title: |- Is unknown unicast flooding rule enabled or not type: boolean required: - mac_learning_enabled type: object x-vmw-nsx-module: PolicyMacDiscovery description: |- Mac Discovery Profile title: |- Mac Discovery Profile x-vmw-nsx-module: PolicyMacDiscovery MacDiscoveryProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Mac Discovery profile list results items: $ref: '#/definitions/MacDiscoveryProfile' title: |- Mac Discovery profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyMacDiscovery description: |- Paged collection of Mac Discovery Profiles title: |- Paged collection of Mac Discovery Profiles x-vmw-nsx-module: PolicyMacDiscovery MacLearningCounters: properties: mac_not_learned_packets_allowed: description: |- The number of packets with unknown source MAC address that are dispatched without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_ALLOW. format: int64 title: |- Number of dispatched packets with unknown source MAC address. type: integer mac_not_learned_packets_dropped: description: |- The number of packets with unknown source MAC address that are dropped without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_DROP. format: int64 title: |- Number of dropped packets with unknown source MAC address. type: integer macs_learned: description: |- Number of MACs learned format: int64 title: |- Number of MACs learned type: integer type: object x-vmw-nsx-module: AggSvcL2Types MacTableCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: mac_address: description: |- The MAC address title: |- The MAC address type: string rtep_group_id: description: | RTEP group id is applicable when the logical switch is stretched across multiple sites. When rtep_group_id is set, mac_address represents remote mac_address. format: int64 title: |- Remote tunnel endpoint(RTEP) group id type: integer vtep_group_id: description: | VTEP group id is applicable when the logical switch is stretched across multiple sites. When vtep_group_id is set, mac_address represents remote mac_address. format: int64 title: |- Virtual tunnel endpoint(VTEP) group id type: integer vtep_ip: description: |- The virtual tunnel endpoint IP address format: ip type: string vtep_mac_address: description: |- The virtual tunnel endpoint MAC address title: |- The virtual tunnel endpoint MAC address type: string required: - mac_address type: object x-vmw-nsx-module: AggSvcLogicalSwitch x-vmw-nsx-module: AggSvcLogicalSwitch MacTableEntry: properties: mac_address: description: |- The MAC address title: |- The MAC address type: string rtep_group_id: description: | RTEP group id is applicable when the logical switch is stretched across multiple sites. When rtep_group_id is set, mac_address represents remote mac_address. format: int64 title: |- Remote tunnel endpoint(RTEP) group id type: integer vtep_group_id: description: | VTEP group id is applicable when the logical switch is stretched across multiple sites. When vtep_group_id is set, mac_address represents remote mac_address. format: int64 title: |- Virtual tunnel endpoint(VTEP) group id type: integer vtep_ip: description: |- The virtual tunnel endpoint IP address format: ip type: string vtep_mac_address: description: |- The virtual tunnel endpoint MAC address title: |- The virtual tunnel endpoint MAC address type: string required: - mac_address type: object x-vmw-nsx-module: AggSvcLogicalSwitch MalwarePreventionProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: detection_type: description: | Represents how the Malware Prevention detection works. enum: - SIGNATURE_BASED - SIGNATURE_AND_SANDBOXING_BASED title: |- Detection Types type: string file_type: description: | Represents different type of files extensions supported in Malware Prevention. items: description: |- MalwarePrevention File type enum: - DOCUMENT - EXECUTABLE - MEDIA - ARCHIVE - DATA - SCRIPT - OTHER type: string title: |- File Type type: array required: - file_type - detection_type type: object x-vmw-nsx-module: PolicyAntiMalware description: | MalwarePrevention Profile which contains the criteria to include Malware Prevention signatures. title: |- Malware Prevention Profile x-vmw-nsx-module: PolicyAntiMalware MalwarePreventionProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Malware Prevention profile list results items: $ref: '#/definitions/MalwarePreventionProfile' title: |- Malware Prevention profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyAntiMalware description: |- Paged collection of Malware Prevention profiles title: |- Paged collection of Malware Prevention profiles x-vmw-nsx-module: PolicyAntiMalware MalwarePreventionSignature: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: file_type: description: | File type of Signature. title: |- File Type type: string signature_id: description: | Represents the Signature's id. title: |- Signature ID type: string type: object x-vmw-nsx-module: PolicyAntiMalware description: | Malware Prevention Signature . title: |- Malware Prevention Signature x-vmw-nsx-module: PolicyAntiMalware MalwarePreventionSignatureListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- MalwarePrevention signature list results items: $ref: '#/definitions/MalwarePreventionSignature' title: |- MalwarePrevention signature list results type: array required: - results type: object x-vmw-nsx-module: PolicyAntiMalware description: |- Paged collection of MalwarePrevention signatures title: |- Paged collection of MalwarePrevention signatures x-vmw-nsx-module: PolicyAntiMalware ManagedResource: allOf: - $ref: '#/definitions/RevisionedResource' - properties: _create_time: description: |- Timestamp of resource creation format: int64 readOnly: true type: integer _create_user: description: |- ID of the user who created this resource readOnly: true type: string _last_modified_time: description: |- Timestamp of last modification format: int64 readOnly: true type: integer _last_modified_user: description: |- ID of the user who last modified this resource readOnly: true type: string _protection: description: | Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. readOnly: true title: |- Indicates protection status of this resource type: string _system_owned: description: |- Indicates system owned resource readOnly: true type: boolean description: description: |- Description of this resource maxLength: 1024 title: |- Description of this resource type: string display_name: description: |- Defaults to ID if not set maxLength: 255 title: |- Identifier to use when displaying entity in logs or GUI type: string id: description: |- Unique identifier of this resource title: |- Unique identifier of this resource type: string resource_type: description: |- The type of this resource. readOnly: false type: string tags: description: |- Opaque identifiers meaningful to the API user items: $ref: '#/definitions/Tag' maxItems: 30 title: |- Opaque identifiers meaningful to the API user type: array type: object x-vmw-nsx-module: Common description: |- Base type for resources that are managed by API clients title: |- Base type for resources that are managed by API clients x-vmw-nsx-module: Common ManagementConfig: allOf: - $ref: '#/definitions/RevisionedResource' - properties: publish_fqdns: description: |- True if Management nodes publish their fqdns(instead of default IP addresses) across NSX for its reachability. title: |- True if Management nodes publish their fqdns(instead of default IP addresses) across NSX for its reachability. type: boolean required: - publish_fqdns type: object x-vmw-nsx-module: ConfigManagement x-vmw-nsx-module: ConfigManagement MetadataProxyConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: crypto_protocols: description: |- The cryptographic protocols listed here are supported by the metadata proxy. TLSv1.1 and TLSv1.2 are supported by default items: description: |- Metadata proxy supported cryptographic protocol enum: - TLS_V1 - TLS_V1_1 - TLS_V1_2 type: string title: |- Metadata proxy supported cryptographic protocols type: array edge_cluster_path: description: |- Edge clusters configured on MP are auto-discovered by Policy and create corresponding read-only intent objects. title: |- Poilcy path to Edge Cluster type: string enable_standby_relocation: default: false description: |- Only auto-placed metadata proxies are considered for relocation. Must be FALSE, when the preferred_edge_paths property is configured. title: |- Flag to enable standby relocation type: boolean preferred_edge_paths: description: |- Edge nodes should be members of edge cluster configured in edge_cluster_path. items: type: string maxItems: 2 title: |- Preferred Edge Paths type: array secret: description: |- Secret word or phrase to access metadata server. title: |- Secret type: string server_address: description: |- This field is a URL. Example formats - http://1.2.3.4:3888/path, http://text-md-proxy:5001/. Port number should be between 3000-9000. title: |- Server Address type: string server_certificates: description: |- Valid certificates should be configured. The validity of certificates is not checked. Certificates are managed through /infra/certificates API on Policy. items: type: string title: |- Policy paths to Certificate Authority (CA) certificates type: array required: - server_address - edge_cluster_path - secret type: object x-vmw-nsx-module: PolicyMetadataProxy description: |- Metadata Proxy Configuration title: |- Metadata Proxy Configuration x-vmw-nsx-module: PolicyMetadataProxy MetadataProxyConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paginated list of metadata proxy configurations items: $ref: '#/definitions/MetadataProxyConfig' title: |- Paginated list of metadata proxy configurations type: array required: - results type: object x-vmw-nsx-module: PolicyMetadataProxy x-vmw-nsx-module: PolicyMetadataProxy MetadataProxyStatisticsPerSegment: properties: error_responses_from_nova_server: description: |- error responses from nova server format: int64 title: |- error responses from nova server type: integer requests_from_clients: description: |- requests from clients format: int64 title: |- requests from clients type: integer requests_to_nova_server: description: |- requests to nova server format: int64 title: |- requests to nova server type: integer responses_to_clients: description: |- responses to clients format: int64 title: |- responses to clients type: integer segment_path: description: |- Policy path of the attached segment title: |- Policy path of the attached segment type: string succeeded_responses_from_nova_server: description: |- succeeded responses from nova server format: int64 title: |- succeeded responses from nova server type: integer required: - requests_to_nova_server - succeeded_responses_from_nova_server - requests_from_clients - segment_path - responses_to_clients - error_responses_from_nova_server type: object x-vmw-nsx-module: PolicyMetadataProxy MirrorStackStatusListResult: allOf: - $ref: '#/definitions/ListResult' - properties: overall_status: description: | SUCCESS if all the TN's stack status are SUCCESS, FAILED if some of the TN's stack status are FAILED. enum: - UNKNOWN - SUCCESS - FAILED type: string results: description: | List all TN nodes which spaned in remote L3 mirror session mirror stack health status detailed info, including mirror stack status, vmknic status, TN node ID, TN node name and last updated status timestamp. items: $ref: '#/definitions/TnNodeStackSpanStatus' title: |- All TN nodes in remote L3 mirror session mirror stack health status type: array required: - overall_status - results type: object x-vmw-nsx-module: PortMirroring x-vmw-nsx-module: PortMirroring MitreAttack: description: | Contain Mitre attack details like tacticName, tacticUrl, techniqueName and techniqueUrl. properties: tactic_name: description: |- Represents tactic name of attack. title: |- Tactic Name type: string tactic_url: description: |- Represents tactic url of attack. title: |- Tactic Url type: string technique_name: description: |- Represents technique name of attack. title: |- Technique Name type: string technique_url: description: |- Represents technique url of attack. title: |- Technique Url type: string title: |- Mitre Attack type: object x-vmw-nsx-module: PolicyIDSMetrics MonitoringError: description: | Monitoring information is gathered from multiple sub-systems/components, using REST or RPC calls internally. It is quite possible for a component or sub-system fail, in which case it is captured as an error and reported. properties: error_code: description: |- NSX error code if available format: int64 title: |- NSX error code if available type: integer error_message: description: |- Error mesage title: |- Error mesage type: string params: description: |- Parameters for construcing error details items: type: object title: |- Parameters for construcing error details type: array title: |- Represents an error that occurred while gathering information type: object x-vmw-nsx-module: FederationObservability MonitoringInfo: description: | Provides monitoring information for all flows in federation from the given site where the API is invoked. For example - monitoring information from Global Manager doesn't provide details of Local Manager to Local Manager flows. Similary, LocalManager will not provide Global Manager ACTIVE to Global Manager STANDBY flow details. properties: errors: description: |- All errors occurred while gathering monitoring info items: $ref: '#/definitions/MonitoringError' title: |- All errors occurred while gathering monitoring info type: array flow_info: description: |- Monitoring information of flows in federation items: $ref: '#/definitions/FlowInfo' title: |- Monitoring information of flows in federation type: array title: |- Provides details of all flows in federation type: object x-vmw-nsx-module: FederationObservability MonitoringProfileBindingMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - type: object x-vmw-nsx-module: PolicyMonitoringProfileBinding description: |- Base Monitoring Profile Binding Map title: |- Base Monitoring Profile Binding Map x-vmw-nsx-module: PolicyMonitoringProfileBinding MpOspfExternalLinkState: description: |- OSPF router link state details. properties: advertised_router: description: |- OSPF advertised router readOnly: true title: |- OSPF advertised router type: string checksum: description: |- Cost of the route readOnly: true title: |- Cost of the route type: string link_state_id: description: |- OSPF link id readOnly: true title: |- OSPF link id type: string metric_type: description: |- Type of metric readOnly: true title: |- Type of metric type: string route: description: |- Route with ip address and mask format: ip readOnly: true type: string sequence_number: description: |- Sequence number readOnly: true title: |- Sequence number type: string tag: description: |- Tag format: int64 readOnly: true title: |- Tag type: integer up_time: description: |- LSA age format: int64 readOnly: true title: |- LSA age type: integer title: |- OSPF router link state type: object x-vmw-nsx-module: AggSvcLogicalRouter MpOspfNetworkLinkStates: description: |- OSPF router link state details. properties: advertised_router: description: |- OSPF advertised router readOnly: true title: |- OSPF advertised router type: string checksum: description: |- Cost of the route readOnly: true title: |- Cost of the route type: string link_state_id: description: |- OSPF link id readOnly: true title: |- OSPF link id type: string sequence_number: description: |- Sequence number readOnly: true title: |- Sequence number type: string up_time: description: |- LSA age format: int64 readOnly: true title: |- LSA age type: integer title: |- OSPF router link state type: object x-vmw-nsx-module: AggSvcLogicalRouter MpOspfRouterLinkStates: description: |- OSPF router link state details. properties: advertised_router: description: |- OSPF advertised router readOnly: true title: |- OSPF advertised router type: string checksum: description: |- Cost of the route readOnly: true title: |- Cost of the route type: string link_state_id: description: |- OSPF link id readOnly: true title: |- OSPF link id type: string router_links: description: |- Number of router links format: int64 readOnly: true title: |- Number of router links type: integer sequence_number: description: |- Sequence number readOnly: true title: |- Sequence number type: string up_time: description: |- LSA age format: int64 readOnly: true title: |- LSA age type: integer title: |- OSPF router link state type: object x-vmw-nsx-module: AggSvcLogicalRouter MpOspfSummaryLinkStates: description: |- OSPF summary link state details. properties: advertised_router: description: |- OSPF advertised router readOnly: true title: |- OSPF advertised router type: string checksum: description: |- Cost of the route readOnly: true title: |- Cost of the route type: string link_state_id: description: |- OSPF link id readOnly: true title: |- OSPF link id type: string sequence_number: description: |- Sequence number readOnly: true title: |- Sequence number type: string summary_address: description: |- OSPF summary address format: ip readOnly: true type: string up_time: description: |- LSA age format: int64 readOnly: true title: |- LSA age type: integer title: |- OSPF summary link state type: object x-vmw-nsx-module: AggSvcLogicalRouter MultiWidgetConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - properties: navigation: description: |- Hyperlink of the specified UI page that provides details. maxLength: 1024 title: |- Navigation to a specified UI page type: string widgets: description: |- Array of widgets that are part of the multi-widget. items: $ref: '#/definitions/WidgetItem' maxItems: 2 minItems: 1 title: |- Widgets type: array required: - widgets type: object x-vmw-nsx-module: NsxDashboard description: |- Combines two or more widgetconfigurations into a multi-widget title: |- Multi-Widget x-vmw-nsx-module: NsxDashboard MulticastForwarding: description: |- Multicast forwarding entry. properties: incoming_interface: $ref: '#/definitions/MulticastForwardingInterface' multicast_group: description: |- Multicast group address. format: ip readOnly: true type: string outgoing_interfaces: description: | Array of egress interfaces on whic multicast traffic is forwarded. items: $ref: '#/definitions/MulticastForwardingInterface' readOnly: true title: |- Egress interfaces type: array source: description: |- Multicast source address. format: ip readOnly: true type: string title: |- Multicast forwarding entry type: object x-vmw-nsx-module: AggSvcLogicalRouter MulticastForwardingCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: incoming_interface: description: |- Ingress interface on whic multicast traffic is learned. readOnly: true title: |- Ingress interface type: string multicast_group: description: |- Multicast group address. format: ip readOnly: true type: string outgoing_interfaces: description: | Array of egress interfaces on whic multicast traffic is forwarded. readOnly: true title: |- Egress interfaces type: string source: description: |- Multicast source address. format: ip readOnly: true type: string transport_node: description: |- Transport node uuid or policy path. readOnly: true title: |- Transport node uuid or policy path type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics MulticastForwardingInterface: description: |- Multicast forwarding interface details. properties: ifuid: description: |- Interface id. readOnly: true title: |- Interface id type: string title: |- Multicast forwarding interface type: object x-vmw-nsx-module: AggSvcLogicalRouter MulticastForwardingPerEdge: description: | Multicast Forwarding Per Edge. properties: edge_path: description: | Policy path to edge node. title: |- Policy path to edge node type: string mcast_forwarding: items: $ref: '#/definitions/MulticastForwarding' type: array required: - edge_path title: |- Multicast Forwarding Per Edge type: object x-vmw-nsx-module: PolicyConnectivityStatistics MulticastRoute: description: |- Multicast route details. properties: group: description: |- Multicast group address. format: ip readOnly: true type: string input_interface: description: |- Ingress interface on which multicast traffic is learned. readOnly: true title: |- Ingress interface type: string output_interface: description: |- Egress interface on which multicast traffic is forwarded. readOnly: true title: |- Egress interface type: string source_address: description: |- Multicast source address. format: ip readOnly: true type: string ttl: description: |- Time-to-live value for multicast packets. format: int64 readOnly: true title: |- Time to live type: integer uptime: description: |- Time for which multicast route entry is active. readOnly: true title: |- Multicast route uptime type: string title: |- Multicast route details type: object x-vmw-nsx-module: AggSvcLogicalRouter MulticastRouteCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: group: description: |- Multicast group address. format: ip readOnly: true type: string input_interface: description: |- Ingress interface on which multicast traffic is learned. readOnly: true title: |- Ingress interface type: string output_interface: description: |- Egress interface on which multicast traffic is forwarded. readOnly: true title: |- Egress interface type: string source_address: description: |- Multicast source address. format: ip readOnly: true type: string transport_node: description: |- Transport node uuid or policy path. readOnly: true title: |- Transport node uuid or policy path type: string ttl: description: |- Time-to-live value for multicast packets. format: int64 readOnly: true title: |- Time to live type: integer uptime: description: |- Time for which multicast route entry is active. readOnly: true title: |- Multicast route uptime type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics MulticastRoutesPerEdge: allOf: - $ref: '#/definitions/ListResult' - properties: edge_path: description: | Policy path to edge node. title: |- Policy path to edge node type: string mcast_routes: items: $ref: '#/definitions/MulticastRoute' type: array required: - edge_path type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: | Multicast Routes Per Edge. title: |- Multicast Routes Per Edge x-vmw-nsx-module: PolicyConnectivityStatistics NDRAAdvertisedRoute: properties: route_lifetime: default: 1800 description: | Lifetime of advertised route in seconds. format: int64 maximum: 65520 minimum: 0 title: |- Lifetime of advertised route type: integer route_preference: default: MEDIUM description: | NDRA Route preference. Indicates preference of the router associated with a prefix over others, when multiple identical prefixes (for different routers) have been received. enum: - LOW - MEDIUM - HIGH - RESERVED type: string subnet: description: | Advertised route subnet format: ipv6-cidr-block type: string required: - subnet type: object x-vmw-nsx-module: Routing NSXTConnectionInfo: allOf: - $ref: '#/definitions/EnforcementPointConnectionInfo' - properties: edge_cluster_ids: description: | Edge Cluster UUIDs on enforcement point. Edge cluster information is required for creating logical L2, L3 constructs on enforcement point. Max 1 edge cluster ID. This is a deprecated property. The edge cluster id is now auto populated from enforcement point and its value can be read using APIs GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/edge-clusters and GET /infra/sites/site-id/enforcement-points/enforcementpoint-1/edge-clusters/edge-cluster-id. The value passed through this property will be ignored. items: type: string maxItems: 1 title: |- Edge Cluster IDs type: array x-deprecated: true password: description: |- Password. title: |- Password type: string thumbprint: description: | Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX. title: |- Thumbprint of Enforcement Point type: string transport_zone_ids: description: | Transport Zone UUIDs on enforcement point. Transport zone information is required for creating logical L2, L3 constructs on enforcement point. Max 1 transport zone ID. This is a deprecated property. The transport zone id is now auto populated from enforcement point and its value can be read using APIs GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/transport-zones and GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/transport-zones/transport-zone-id. The value passed through this property will be ignored. items: type: string maxItems: 1 title: |- Transport Zone IDs type: array x-deprecated: true username: description: |- Username. title: |- Username type: string type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Credential info to connect to an NSX-T type of enforcement point. title: |- NSX-T Connection Info x-vmw-nsx-module: PolicyEnforcementPointManagement NSXVConnectionInfo: allOf: - $ref: '#/definitions/EnforcementPointConnectionInfo' - properties: password: description: |- Password. title: |- Password type: string thumbprint: description: | Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX. title: |- Thumbprint of Enforcement Point type: string username: description: |- Username. title: |- Username type: string required: - thumbprint type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Credential info to connect to an NSX-V type of enforcement point. title: |- NSX-V Connection Info x-vmw-nsx-module: PolicyEnforcementPointManagement NamedTeamingPolicy: allOf: - $ref: '#/definitions/TeamingPolicy' - properties: name: description: |- An uplink teaming policy of a given name defined in UplinkHostSwitchProfile. The names of all NamedTeamingPolicies in an UplinkHostSwitchProfile must be different, but a name can be shared by different UplinkHostSwitchProfiles. Different TransportNodes can use different NamedTeamingPolicies having the same name in different UplinkHostSwitchProfiles to realize an uplink teaming policy on a logical switch. An uplink teaming policy on a logical switch can be any policy defined by a user; it does not have to be a single type of FAILOVER or LOADBALANCE. It can be a combination of types, for instance, a user can define a policy with name "MyHybridTeamingPolicy" as "FAILOVER on all ESX TransportNodes and LOADBALANCE on all KVM TransportNodes". The name is the key of the teaming policy and can not be changed once assigned. title: |- The name of the uplink teaming policy type: string required: - name type: object x-vmw-nsx-module: UplinkHostSwitchProfile description: |- Uplink Teaming Policy with a name that can be referenced by logical switches title: |- Uplink Teaming Policy with a name that can be referenced by logical switches x-vmw-nsx-module: UplinkHostSwitchProfile NamespaceMemberDetails: description: | Details of the member belonging to a Group properties: display_name: description: |- The display name of the member on the enforcement point readOnly: true title: |- The display name of the member on the enforcement point type: string id: description: |- The ID of the member on the enforcement point readOnly: true title: |- The ID of the member on the enforcement point type: string pods: items: $ref: '#/definitions/PolicyGroupMemberDetails' type: array required: - pods title: |- Group member details type: object x-vmw-nsx-module: PolicyGroupRealization NdSnoopingConfig: description: | Contains Neighbor Discovery Protocol (ND) snooping related configuration. properties: nd_snooping_enabled: default: false description: | Enable this method will snoop the NS (Neighbor Solicitation) and NA (Neighbor Advertisement) messages in the ND (Neighbor Discovery Protocol) family of messages which are transmitted by a VM. From the NS messages, we will learn about the source which sent this NS message. From the NA message, we will learn the resolved address in the message which the VM is a recipient of. Addresses snooped by this method are subject to TOFU (Trust on First Use) policies as enforced by the system. title: |- Is ND snooping enabled or not type: boolean nd_snooping_limit: default: 3 description: | Maximum number of ND (Neighbor Discovery Protocol) snooped IPv6 addresses format: int32 maximum: 15 minimum: 2 title: |- Maximum number of ND (Neighbor Discovery Protocol) bindings type: integer title: |- ND Snooping Configuration type: object x-vmw-nsx-module: PolicyIpDiscovery NdpHeader: description: |- Neighbor discovery protocol header properties: dst_ip: description: |- The IP address of the destination of the solicitation. It MUST NOT be a multicast address. format: ipv6 type: string msg_type: default: NEIGHBOR_SOLICITATION description: |- This field specifies the type of the Neighbor discover message being sent. NEIGHBOR_SOLICITATION - Neighbor Solicitation message to discover the link-layer address of an on-link IPv6 node or to confirm a previously determined link-layer address. NEIGHBOR_ADVERTISEMENT - Neighbor Advertisement message in response to a Neighbor Solicitation message. enum: - NEIGHBOR_SOLICITATION - NEIGHBOR_ADVERTISEMENT title: |- NDP message type type: string title: |- Neighbor discovery protocol header type: object x-vmw-nsx-module: Traceflow NeighborProperties: description: |- Neighbor properties properties: capabilities: description: |- Capabilities readOnly: true title: |- Capabilities type: string enabled_capabilities: description: |- Enabled capabilities readOnly: true title: |- Enabled capabilities type: string ifindex: description: |- Interface index format: int64 readOnly: true title: |- Interface index type: integer link_aggregation_capable: description: |- Aggregation Capability readOnly: true title: |- Aggregation Capability type: boolean link_aggregation_port_id: description: |- Aggregation port id readOnly: true title: |- Aggregation port id type: string link_aggregation_status: description: |- True if currently in aggregation readOnly: true title: |- Aggregation Status type: boolean mac: description: |- Interface MAC address readOnly: true title: |- Interface MAC address type: string mgmt_addr: description: |- Management address readOnly: true title: |- Management address type: string name: description: |- Interface name readOnly: true title: |- Interface name type: string oid: description: |- Object identifier readOnly: true title: |- Object identifier type: string port_desc: description: |- Port description readOnly: true title: |- Port description type: string system_desc: description: |- System description readOnly: true title: |- System description type: string system_name: description: |- System name readOnly: true title: |- System name type: string system_port_number: description: |- System port number format: int64 readOnly: true title: |- System port number type: integer title: |- Neighbor properties type: object x-vmw-nsx-module: Lldp NestedExpression: allOf: - $ref: '#/definitions/Expression' - properties: expressions: description: |- Expression. items: $ref: '#/definitions/Expression' minItems: 1 title: |- Expression type: array required: - expressions type: object x-vmw-nsx-module: Policy description: | Nested expressions is a list of condition expressions that must follow the below criteria: 0. Only allowed expressions in a NestedExpression are Condition and ConjunctionOperator. 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all condition expressions must be at even indices, separated by the conjunction expressions AND at odd indices. 2. There may be at most 5 condition expressions inside a list. 3. NestedExpressions are homogeneous in nature, i.e, all expressions inside a nested expression must have the same member type. title: |- NestedExpression x-vmw-nsx-module: Policy NestedServiceServiceEntry: allOf: - $ref: '#/definitions/ServiceEntry' - properties: nested_service_path: description: |- path of nested service title: |- path of nested service type: string required: - nested_service_path type: object x-vmw-nsx-module: Policy description: |- A ServiceEntry that represents nesting service title: |- A ServiceEntry that represents nesting service x-vmw-nsx-module: Policy NetworkError: description: |- Network error related to container objects. properties: error_code: description: |- Error code of network related error. readOnly: true title: |- Error code type: string error_message: description: |- Detailed message of network related error. readOnly: true title: |- Error message type: string spec: description: |- Additional error information in json format. readOnly: true title: |- Other specifications type: string title: |- Network Error type: object x-vmw-nsx-module: InventoryContainerObj NewRole: description: |- New Role properties: new_role_description: description: |- New role description title: |- New role description type: string new_role_id: description: |- New role id title: |- New role id type: string new_role_name: description: |- New role name title: |- New role name type: string required: - new_role_name - new_role_id title: |- New Role type: object x-vmw-nsx-module: AAA NicMetadata: description: |- Information on the Network interfaces present on the partner appliance that needs to be configured by the NSX Manager. properties: interface_index: description: |- Network Interface index. format: int64 minimum: 0 readOnly: false title: |- Interface Index type: integer interface_label: description: |- Network Interface label. readOnly: false title: |- Interface label type: string interface_type: description: |- Interface that needs to be configured on the partner appliance. Ex. MANAGEMENT, DATA1, DATA2, HA1, HA2, CONTROL. enum: - MANAGEMENT - DATA1 - DATA2 - HA1 - HA2 - CONTROL readOnly: false title: |- Interface type type: string transports: description: |- Transport Type of the service, which is the mechanism of redirecting the traffic to the the partner appliance. Transport type is required if Service caters to any functionality other than EPP and MPS. Here, the transports array specifies the kinds of transport where this particular NIC is user configurable. If nothing is specified, and the "user_configurable" flag is true, then user configuration will be allowed for all transports. If any transport is/are specified, then it will be considered as user configurable for the specified transports only." items: enum: - L2_BRIDGE - L3_ROUTED - NSH type: string maxItems: 3 minItems: 0 readOnly: false title: |- Transport Type type: array user_configurable: description: |- Used to specify if the given interface needs configuration. Management nics will always need the configuration, for others it will be use case specific. For example, a DATA NIC may be user configurable if the appliance is deployed in certain mode, such as L3_ROUTED. readOnly: false title: |- Required Configuration type: boolean required: - interface_label - interface_type - interface_index title: |- NIC Metadata type: object x-vmw-nsx-module: ServiceInsertionCommonTypes NodeFileSystemProperties: description: |- File system properties properties: file_system: description: |- File system id readOnly: true title: |- File system id type: string mount: description: |- File system mount readOnly: true title: |- File system mount type: string total: description: |- File system size in kilobytes format: int64 readOnly: true title: |- File system size in kilobytes type: integer type: description: |- File system type readOnly: true title: |- File system type type: string used: description: |- Amount of file system used in kilobytes format: int64 readOnly: true title: |- Amount of file system used in kilobytes type: integer title: |- File system properties type: object x-vmw-nsx-module: ApplianceStats NodeResources: description: | Required node resources to deploy a form factor properties: cpu: description: | Number of CPU cores required to deploy a form factor. format: int64 title: |- Number of CPU cores type: integer disk: description: | Disk required to deploy a form factor. format: int64 title: |- Disk required in GB type: integer ephemeral_storage: description: | Transient storage required to deploy a form factor. format: int64 title: |- Transient storage required in GB type: integer number_of_master_nodes: description: | Required number of master nodes. format: int64 title: |- Number of master nodes type: integer number_of_worker_nodes: description: | Required number of worker nodes. format: int64 title: |- Number of worker nodes type: integer ram: description: | Memore required to deploy a form factor. format: int64 title: |- Memory required in GB type: integer title: |- Node resources type: object x-vmw-nsx-module: PolicyCloudNative NodeStatus: description: |- Runtime status information of the fabric node. properties: external_id: description: |- HostNode external id title: |- HostNode external id type: string host_node_deployment_status: description: | This enum specifies the current nsx install state for host node or current deployment and ready state for edge node. The ready status 'NODE_READY' indicates whether edge node is ready to become a transport node. The status 'EDGE_CONFIG_ERROR' indicates that edge hardware or underlying host is not supported. After all fabric level operations are done for an edge node, this value indicates transport node related configuration issues and state as relevant. enum: - NOT_PREPARED - INSTALL_IN_PROGRESS - INSTALL_FAILED - INSTALL_SUCCESSFUL - INSTALL_SKIPPED - UNINSTALL_IN_PROGRESS - UNINSTALL_FAILED - UNINSTALL_SUCCESSFUL - UNINSTALL_SCHEDULED - UNINSTALL_SKIPPED - UPGRADE_IN_PROGRESS - UPGRADE_FAILED - PENDING_UPGRADE - NOT_AVAILABLE - VM_DEPLOYMENT_QUEUED - VM_DEPLOYMENT_IN_PROGRESS - VM_DEPLOYMENT_FAILED - VM_POWER_ON_IN_PROGRESS - VM_POWER_ON_FAILED - REGISTRATION_PENDING - NODE_NOT_READY - NODE_READY - VM_POWER_OFF_IN_PROGRESS - VM_POWER_OFF_FAILED - VM_UNDEPLOY_IN_PROGRESS - VM_UNDEPLOY_FAILED - VM_UNDEPLOY_SUCCESSFUL - EDGE_CONFIG_ERROR - VM_DEPLOYMENT_RESTARTED - REGISTRATION_FAILED - HOST_DISCONNECTED - POWERED_OFF - TRANSPORT_NODE_SYNC_PENDING - TRANSPORT_NODE_CONFIGURATION_MISSING - EDGE_HARDWARE_NOT_SUPPORTED - MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED - TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER - TZ_ENDPOINTS_NOT_SPECIFIED - NO_PNIC_PREPARED_IN_EDGE - APPLIANCE_INTERNAL_ERROR - VTEP_DHCP_NOT_SUPPORTED - UNSUPPORTED_HOST_SWITCH_PROFILE - UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED - HOSTSWITCH_PROFILE_NOT_FOUND - LLDP_SEND_ENABLED_NOT_SUPPORTED - UNSUPPORTED_NAMED_TEAMING_POLICY - MULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING - LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM - LACP_NOT_SUPPORTED_FOR_EDGE_VM - STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM - MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE - UNSUPPORTED_LACP_LB_ALGO_FOR_NODE - EDGE_NODE_VERSION_NOT_SUPPORTED - NO_PNIC_SPECIFIED_IN_TN - INVALID_PNIC_DEVICE_NAME - TRANSPORT_NODE_READY - UNSUPPORTED_DEFAULT_TEAMING_POLICY - MPA_DISCONNECTED - VM_NETWORK_EDIT_PENDING - VM_RENAME_PENDING - VM_CONFIG_EDIT_PENDING - VM_NETWORK_EDIT_FAILED - VM_RENAME_FAILED - VM_CONFIG_EDIT_FAILED - VM_CONFIG_DISCREPANCY - VM_NODE_REFRESH_FAILED - VM_PLACEMENT_REFRESH_FAILED - REGISTRATION_TIMEDOUT - LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING - UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED - REPLACE_FAILED - DELETE_VM_IN_REDEPLOY_FAILED - DEPLOY_VM_IN_REDEPLOY_FAILED - INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE readOnly: true title: |- Install/Uninstall status of deployment. type: string inventory_sync_paused: description: |- Is true if inventory sync is paused else false readOnly: true title: |- Is true if inventory sync is paused else false type: boolean inventory_sync_reenable_time: description: |- Inventory sync auto re-enable target time, in epoch milis format: int64 readOnly: true type: integer last_heartbeat_timestamp: description: |- Timestamp of the last heartbeat status change, in epoch milliseconds. format: int64 readOnly: true type: integer last_sync_time: description: |- Timestamp of the last successful update of Inventory, in epoch milliseconds. format: int64 readOnly: true type: integer lcp_connectivity_status: default: UNKNOWN description: |- Indicates the fabric node's LCP<->CCP channel connectivity status, UP, DOWN, DEGRADED, UNKNOWN. enum: - UP - DOWN - DEGRADED - UNKNOWN readOnly: true title: |- Indicates the fabric node's LCP<->CCP channel connectivity status, UP, DOWN, DEGRADED, UNKNOWN. type: string lcp_connectivity_status_details: default: [] description: |- Details, if any, about the current LCP<->CCP channel connectivity status of the fabric node. items: $ref: '#/definitions/ControlConnStatus' readOnly: true title: |- Details, if any, about the current LCP<->CCP channel connectivity status of the fabric node. type: array maintenance_mode: description: |- Indicates the fabric node's status of maintenance mode, OFF, ENTERING, ON, EXITING. enum: - 'OFF' - ENTERING - 'ON' - EXITING readOnly: true title: |- Indicates the fabric node's status of maintenance mode, OFF, ENTERING, ON, EXITING. type: string mpa_connectivity_status: description: |- Indicates the fabric node's MP<->MPA channel connectivity status, UP, DOWN, UNKNOWN. enum: - UP - DOWN - UNKNOWN readOnly: true title: |- Indicates the fabric node's MP<->MPA channel connectivity status, UP, DOWN, UNKNOWN. type: string mpa_connectivity_status_details: description: |- Details, if any, about the current MP<->MPA channel connectivity status of the fabric node. readOnly: true title: |- Details, if any, about the current MP<->MPA channel connectivity status of the fabric node. type: string software_version: description: |- Software version of the fabric node. readOnly: true title: |- Software version of the fabric node. type: string system_status: $ref: '#/definitions/NodeStatusProperties' title: |- Runtime status information of the fabric node. type: object x-vmw-nsx-module: FabricNode NodeStatusProperties: allOf: - $ref: '#/definitions/Resource' - properties: cpu_cores: description: |- Number of CPU cores on the system format: int64 readOnly: true title: |- Number of CPU cores on the system type: integer cpu_usage: $ref: '#/definitions/CpuUsage' disk_space_total: description: |- Amount of disk space available on the system, in kilobytes. format: int64 readOnly: true title: |- Amount of disk space available on the system, in kilobytes type: integer disk_space_used: description: |- Amount of disk space in use on the system, in kilobytes format: int64 readOnly: true title: |- Amount of disk space in use on the system, in kilobytes type: integer dpdk_cpu_cores: description: |- Number of DPDK cores on Edge Node which are used for packet IO processing. format: int64 readOnly: true title: |- Number of DPDK CPU cores on the system type: integer edge_mem_usage: $ref: '#/definitions/EdgeTransportNodeMemoryUsage' file_systems: description: |- File systems configured on the system items: $ref: '#/definitions/NodeFileSystemProperties' readOnly: true title: |- File systems configured on the system type: array hostname: description: |- Host name of the system readOnly: true title: |- Host name of the system type: string load_average: description: |- One, five, and fifteen minute load averages for the system items: type: number readOnly: true title: |- One, five, and fifteen minute load averages for the system type: array mem_cache: description: |- Amount of RAM on the system that can be flushed out to disk, in kilobytes format: int64 readOnly: true title: |- Amount of RAM on the system that can be flushed out to disk, in kilobytes type: integer mem_total: description: |- Amount of RAM allocated to the system, in kilobytes format: int64 readOnly: true title: |- Amount of RAM allocated to the system, in kilobytes type: integer mem_used: description: |- Amount of RAM in use on the system, in kilobytes format: int64 readOnly: true title: |- Amount of RAM in use on the system, in kilobytes type: integer non_dpdk_cpu_cores: description: |- Number of non-DPDK cores on Edge Node. format: int64 readOnly: true title: |- Number of non-DPDK CPU cores on the system type: integer source: description: |- Source of status data. enum: - realtime - cached readOnly: true type: string swap_total: description: |- Amount of disk available for swap, in kilobytes format: int64 readOnly: true title: |- Amount of disk available for swap, in kilobytes type: integer swap_used: description: |- Amount of swap disk in use, in kilobytes format: int64 readOnly: true title: |- Amount of swap disk in use, in kilobytes type: integer system_time: description: |- Current time expressed in milliseconds since epoch format: int64 readOnly: true type: integer uptime: description: |- Milliseconds since system start format: int64 readOnly: true title: |- Milliseconds since system start type: integer type: object x-vmw-nsx-module: ApplianceStats description: |- Node status properties title: |- Node status properties x-vmw-nsx-module: ApplianceStats NsxRole: description: |- Role properties: permissions: description: |- Please use the /user-info/permissions api to get the permission that the user has on each feature. items: enum: - read-api - read-write-api - crud - read - execute - none type: string title: |- Permissions type: array x-deprecated: true role: description: |- This field represents the identifier of the role. With the introduction of custom roles, this field is no longer an enum. title: |- Role ID type: string required: - role title: |- Role type: object x-vmw-nsx-module: AAA NsxTDNSForwarderStatistics: allOf: - $ref: '#/definitions/DNSForwarderStatisticsPerEnforcementPoint' - properties: cached_entries: description: |- The total number of cached entries format: int64 readOnly: true title: |- The total number of cached entries type: integer conditional_forwarder_statistics: description: |- The statistics of conditional forwarder zones items: $ref: '#/definitions/NsxTDNSForwarderZoneStatistics' maxItems: 5 minItems: 0 readOnly: true title: |- The statistics of conditional forwarder zones type: array configured_cache_size: description: |- The configured cache size, in kb format: int64 readOnly: true title: |- The configured cache size, in kb type: integer default_forwarder_statistics: $ref: '#/definitions/NsxTDNSForwarderZoneStatistics' queries_answered_locally: description: |- The total number of queries answered from local cache format: int64 readOnly: true title: |- The total number of queries answered from local cache type: integer queries_forwarded: description: |- The total number of forwarded DNS queries format: int64 readOnly: true title: |- The total number of forwarded DNS queries type: integer timestamp: description: |- Time stamp of the current statistics, in ms format: int64 readOnly: true type: integer total_queries: description: |- The total number of received DNS queries format: int64 readOnly: true title: |- The total number of received DNS queries type: integer used_cache_statistics: description: |- The statistics of used cache items: $ref: '#/definitions/NsxTPerNodeUsedCacheStatistics' maxItems: 2 minItems: 0 readOnly: true title: |- The statistics of used cache type: array type: object x-vmw-nsx-module: PolicyDNSStatistics description: | The current statistics counters of the DNS forwarder including cache usages and query numbers per forwarders, on an NSX-T type of enforcement point. title: |- Statistics counters of the DNS forwarder x-vmw-nsx-module: PolicyDNSStatistics NsxTDNSForwarderStatus: allOf: - $ref: '#/definitions/DNSForwarderStatusPerEnforcementPoint' - properties: extra_message: description: |- Extra message, if available readOnly: true title: |- Extra message, if available type: string status: description: | UP means the DNS forwarder is working correctly on the active transport node and the stand-by transport node (if present). Failover will occur if either node goes down. DOWN means the DNS forwarder is down on both active transport node and standby node (if present). The DNS forwarder does not function in this situation. Error means there is some error on one or both transport node, or no status was reported from one or both transport nodes. The DNS forwarder may be working (or not working). NO_BACKUP means DNS forwarder is working in only one transport node, either because it is down on the standby node, or no standby is configured. An forwarder outage will occur if the active node goes down. enum: - UP - DOWN - ERROR - NO_BACKUP - UNKNOWN readOnly: true type: string timestamp: description: |- Time stamp of the current status, in ms format: int64 readOnly: true type: integer type: object x-vmw-nsx-module: PolicyDNSStatistics description: | The current runtime status of the DNS forwarder. title: |- The current runtime status of DNS forwarder x-vmw-nsx-module: PolicyDNSStatistics NsxTDNSForwarderZoneStatistics: description: | Statistics counters of the DNS forwarder zone. properties: domain_names: description: | Domain names configured for the forwarder. Empty if this is the default forwarder. items: type: string maxItems: 100 minItems: 0 readOnly: true title: |- Domain names configured for the forwarder type: array upstream_statistics: description: |- Statistics per upstream server. items: $ref: '#/definitions/NsxTUpstreamServerStatistics' maxItems: 3 minItems: 0 readOnly: true title: |- Statistics per upstream server. type: array title: |- Statistics counters of the DNS forwarder zone type: object x-vmw-nsx-module: PolicyDNSStatistics NsxTDnsAnswer: allOf: - $ref: '#/definitions/PolicyDnsAnswerPerEnforcementPoint' - properties: authoritative_answers: description: |- Authoritative answers items: $ref: '#/definitions/NsxTDnsQueryAnswer' maxItems: 256 minItems: 1 title: |- Authoritative answers type: array dns_server: description: | Dns server ip address and port, format is "ip address#port". title: |- Dns server information type: string edge_node_id: description: | ID of the edge node that performed the query. title: |- Edge node id type: string non_authoritative_answers: description: |- Non authoritative answers items: $ref: '#/definitions/NsxTDnsQueryAnswer' maxItems: 256 minItems: 1 title: |- Non authoritative answers type: array raw_answer: description: | It can be NXDOMAIN or error message which is not consisted of authoritative_answer or non_authoritative_answer. title: |- Raw message returned from the dns forwarder type: string required: - edge_node_id - dns_server type: object x-vmw-nsx-module: PolicyDnsForwarder description: |- Answer of dns nslookup title: |- Answer of dns nslookup x-vmw-nsx-module: PolicyDnsForwarder NsxTDnsQueryAnswer: description: |- Answer of nslookup properties: address: description: | Resolved IP address matched with the nslookup address provided as a request parameter. title: |- Matched ip address type: string name: description: | Matched name of the given address. title: |- Matched name type: string title: |- Answer of nslookup type: object x-vmw-nsx-module: PolicyDnsForwarder NsxTPerNodeUsedCacheStatistics: description: | Query statistics counters of used cache from node properties: cached_entries: description: |- The total number of cached entries format: int64 readOnly: true title: |- The total number of cached entries type: integer node_id: description: |- UUID of active/standby transport node readOnly: true title: |- UUID of active/standby transport node type: string used_cache_size: description: |- The memory size used in cache, in kb format: int64 readOnly: true title: |- The memory size used in cache, in kb type: integer title: |- Per node used cache query statistics counters type: object x-vmw-nsx-module: PolicyDNSStatistics NsxTUpstreamServerStatistics: description: | Query statistics counters to an upstream server including successfully forwarded queries and failed queries. properties: queries_failed: description: |- Queries failed to forward. format: int64 readOnly: true title: |- Queries failed to forward. type: integer queries_succeeded: description: |- Queries forwarded successfully format: int64 readOnly: true title: |- Queries forwarded successfully type: integer upstream_server: description: |- Upstream server ip format: ip readOnly: true type: string title: |- Upstream server query statistics counters type: object x-vmw-nsx-module: PolicyDNSStatistics NvdsUpgradeConfigIssue: allOf: - $ref: '#/definitions/ManagedResource' - properties: component: description: |- Name of the component/object readOnly: true title: |- Name of the component/object type: string error: description: |- Error for the component describing precheck failure readOnly: true title: |- Error for the component describing precheck failure type: string objid: description: |- Id of the object that generated error readOnly: true title: |- Id of the object that generated error type: string recommendation: description: |- Recommendation to resolve the error returned for component readOnly: true title: |- Recommendation to resolve the error returned for component type: string type: object x-vmw-nsx-module: NvdsUpgradeReadinessCheck description: |- Issues reported by upgrade readiness check title: |- Issues reported by upgrade readiness check x-vmw-nsx-module: NvdsUpgradeReadinessCheck NvdsUpgradeHostState: allOf: - $ref: '#/definitions/ManagedResource' - properties: dn_ext_id: description: |- DiscoveredNode identifier readOnly: true title: |- DiscoveredNode identifier type: string host: description: |- TransportNode identifier readOnly: true title: |- TransportNode identifier type: string ip_address: description: |- TransportNode ip address readOnly: true title: |- TransportNode ip address type: string overall_state: description: |- Overall state of N-VDSes on the TransportNodes enum: - UPGRADE_READY - UPGRADE_PROCESSING - UPGRADE_QUEUED - UPGRADE_IN_PROGRESS - UPGRADE_FAILED - SUCCESS readOnly: true title: |- Overall state of N-VDSes on the TransportNodes type: string state_details: description: |- Details of the N-VDS upgrade state on the host items: type: string readOnly: true title: |- Details of the N-VDS upgrade state on the host type: array upgrade_stage: description: | This field returns current stage of Migration task. Here is a sequence of stages the task cycles through, TN_MIGRATION_TASK_IN_QUEUE RETRIEVE_SAVED_CONFIG, TN_VALIDATE, VMS_RETRIVAL, VMS_UNREGISTRATION, TN_STATELESS_WAIT_FOR_HP, DETACH_TNP, TNP_WAIT, TN_SEND_HS_MIGRATION_MSG, TN_ADD_HOST_TO_VDS, TN_UPDATE, TN_UPDATE_WAIT, TN_DELETE, TN_DELETE_WAIT, FN_DELETE_WAIT, TN_RECONFIG_HOST, TN_CREATE, TN_CREATE_WAIT, UPDATE_TNP_AND_APPLY, TN_EXIT_MM, VMS_REGISTRATION, VMS_REGISTRATION_WAIT, TN_MIGRATION_COMPLETED Depending on the type of host (stateful, stateless, Sddc, etc.) migration task may not cycle through all stages but in will follow above sequence. If stage is TN_MIGRATION_COMPLETED refer to field overall_state for SUCCESS or UPGRADE_FAILURE and state_details for details on same. readOnly: true title: |- Current migration task stage type: string type: object x-vmw-nsx-module: NvdsUpgradeReadinessCheck description: |- Individual host upgrade state title: |- Individual host upgrade state x-vmw-nsx-module: NvdsUpgradeReadinessCheck NvdsUpgradePrecheckId: description: |- Nvds upgrade precheck ID properties: precheck_id: description: |- Tracking ID of nvds upgrade precheck readOnly: true title: |- Tracking ID of nvds upgrade precheck type: string title: |- Nvds upgrade precheck ID type: object x-vmw-nsx-module: NvdsUpgradeReadinessCheck NvdsUpgradeStatusSummary: description: |- Overall status of the upgrade readiness check properties: migration_state: description: |- Overall state of migration across all TransportNodes items: $ref: '#/definitions/NvdsUpgradeHostState' readOnly: true title: |- Overall state of migration across all TransportNodes type: array precheck_id: description: |- Tracking ID of nvds upgrade precheck readOnly: true title: |- Tracking ID of nvds upgrade precheck type: string precheck_issue: description: |- Config issue in pre-check items: $ref: '#/definitions/NvdsUpgradeConfigIssue' readOnly: true title: |- Config issue in pre-check type: array precheck_status: description: |- Overall status of pre-check enum: - IN_PROGRESS - FAILED - PENDING_TOPOLOGY - APPLYING_TOPOLOGY - APPLY_TOPOLOGY_FAILED - READY readOnly: true title: |- Overall status of pre-check type: string title: |- Overall status of the upgrade readiness check type: object x-vmw-nsx-module: NvdsUpgradeReadinessCheck NvdsUpgradeTopology: allOf: - $ref: '#/definitions/ManagedResource' - properties: compute_manager_topology: description: |- All resultant VDS mapping for a NVDS after the migration items: $ref: '#/definitions/ComputeManagerTopology' title: |- All resultant VDS mapping for a NVDS after the migration type: array nvds_id: description: |- Identifier for a NVDS title: |- Identifier for a NVDS type: string nvds_name: description: |- Name of a NVDS title: |- Name of a NVDS type: string required: - nvds_id - nvds_name - compute_manager_topology type: object x-vmw-nsx-module: NvdsUpgradeReadinessCheck description: |- NVDS to VDS mappings for migration title: |- NVDS to VDS mappings for migration x-vmw-nsx-module: NvdsUpgradeReadinessCheck ObjectRolePermissionGroup: allOf: - $ref: '#/definitions/ManagedResource' - properties: inheritance_disabled: default: false description: |- Does children of this object inherit this rule title: |- Does children of this object inherit this rule type: boolean operation: description: |- Allowed operation enum: - crud - read - execute - none title: |- Allowed operation type: string path_prefix: description: |- Path prefix title: |- Path prefix type: string role_name: description: |- Role name title: |- Role name type: string rule_disabled: default: false description: |- Is rule disabled or not title: |- Is rule disabled or not type: boolean required: - role_name - path_prefix type: object x-vmw-nsx-module: PolicyAuthz description: |- RBAC Objects qualifier title: |- RBAC Objects qualifier x-vmw-nsx-module: PolicyAuthz ObjectRolePermissionGroupListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- ObjectRolePermissionGroup list results items: $ref: '#/definitions/ObjectRolePermissionGroup' title: |- ObjectRolePermissionGroup list results type: array required: - results type: object x-vmw-nsx-module: PolicyAuthz description: |- Paged collection of RBAC Objects title: |- Paged collection of RBAC Objects x-vmw-nsx-module: PolicyAuthz OpenLdapIdentitySource: allOf: - $ref: '#/definitions/LdapIdentitySource' - type: object x-vmw-nsx-module: LdapIdentitySources description: |- An identity source service that runs OpenLDAP. The service allows selected user accounts defined in OpenLDAP to log into and access NSX-T. title: |- An OpenLDAP identity source service x-vmw-nsx-module: LdapIdentitySources OpsGlobalConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: in_band_network_telementry: $ref: '#/definitions/DscpIndicator' operation_collectors: description: | The operation collector is defined to receive stats from hosts. The VRNI and WAVE_FRONT collector type can be defined to collect the metric data. The WAVE_FRONT collector type can only be used in VMC mode. items: $ref: '#/definitions/GlobalCollectorConfig' title: |- Operation global collector config type: array type: object x-vmw-nsx-module: Policy description: |- Global Operations configuration. title: |- Global Operations configuration x-vmw-nsx-module: Policy OspfAreaConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: area_id: description: | OSPF area-id either in decimal or dotted format. title: |- OSPF area id type: string area_type: default: NORMAL description: | Configures OSPF area with defined area type. If area_type field not specified, default is NSSA. enum: - NORMAL - NSSA title: |- OSPF area type type: string authentication: $ref: '#/definitions/OspfAuthenticationConfig' required: - area_id type: object x-vmw-nsx-module: PolicyOspf description: | Contains OSPF Area configuration. title: |- OSPF Area config x-vmw-nsx-module: PolicyOspf OspfAreaConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- OSPF area configuration list results items: $ref: '#/definitions/OspfAreaConfig' title: |- OSPF area configuration list results type: array required: - results type: object x-vmw-nsx-module: PolicyOspf description: |- Collection of OSPF area configuration. title: |- Paged Collection of OSPF area configuration x-vmw-nsx-module: PolicyOspf OspfAuthenticationConfig: description: |- Enables OSPF authentication with specified mode and password. properties: key_id: description: | Authentication secret key id is mandatory for type md5 with min value of 1 and max value 255. format: int64 maximum: 255 minimum: 1 title: |- Authentication secret key id type: integer mode: default: NONE description: | If mode is MD5 or PASSWORD, Authentication secret key is mandatory if mode is NONE, then authentication is disabled. enum: - NONE - PASSWORD - MD5 title: |- Authentication mode type: string secret_key: description: | Authentication secret is mandatory for type password and md5 with min length of 1 and max length 8. title: |- Authentication secret key type: string title: |- OSPF Authentication Configuration type: object x-vmw-nsx-module: PolicyOspf OspfDabtabaseCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: results: readOnly: true type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics OspfDatabaseListResultInCsvFormat: allOf: - $ref: '#/definitions/CsvListResult' - properties: results: items: $ref: '#/definitions/OspfDabtabaseCsvRecord' readOnly: true type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics OspfDatabaseStatus: properties: area_id: description: |- OSPF area id to filter the the OSPF database. title: |- OSPF area id filter parameter type: string asbr_summary_link_states: description: |- array of ASBR summary link state of OSPF database items: $ref: '#/definitions/MpOspfSummaryLinkStates' readOnly: true title: |- array of ASBR summary link state of OSPF database type: array edge_path: description: | Policy path to edge node. readOnly: true title: |- Policy path to edge node type: string external_link_states: description: |- array of external link of OSPF database items: $ref: '#/definitions/MpOspfExternalLinkState' readOnly: true title: |- array of external link of OSPF database type: array net_link_states: description: |- array of network link state of OSPF database items: $ref: '#/definitions/MpOspfNetworkLinkStates' readOnly: true title: |- array of network link state of OSPF database type: array nssa_external_link_states: description: |- array of nssa external link of OSPF database items: $ref: '#/definitions/MpOspfExternalLinkState' readOnly: true title: |- array of nssa external link of OSPF database type: array router_link_states: description: |- array of link state of OSPF database items: $ref: '#/definitions/MpOspfRouterLinkStates' readOnly: true title: |- array of link state of OSPF database type: array summary_link_states: description: |- array of summary link state of OSPF database items: $ref: '#/definitions/MpOspfSummaryLinkStates' readOnly: true title: |- array of summary link state of OSPF database type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics OspfNeighbor: description: | OSPF Neighbor Per Edge. properties: edge_display_name: description: | Display name to edge node. title: |- Display name for edge node type: string edge_path: description: | Policy path to edge node. title: |- Policy path to edge node type: string neighbors: items: $ref: '#/definitions/OspfNeighborStatus' type: array required: - edge_path title: |- OSPF Neighbor Per Edge type: object x-vmw-nsx-module: PolicyConnectivityStatistics OspfNeighborStatus: description: | OSPF Neighbor Status. properties: neighbor_address: description: | OSPF neighbor address. format: ip readOnly: true type: string neighbor_status_info: items: $ref: '#/definitions/OspfStatusInfo' type: array title: |- OSPF Neighbor Status type: object x-vmw-nsx-module: PolicyConnectivityStatistics OspfNeighborsStatusListResult: allOf: - $ref: '#/definitions/ListResult' - properties: gateway_path: description: | Policy path to Tier0 gateway. title: |- Policy path to Tier0 gateway type: string last_update_timestamp: description: |- Timestamp when the data was last updated, unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/OspfNeighbor' type: array required: - gateway_path type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: | OSPF Neighbors. title: |- OSPF Neighbor x-vmw-nsx-module: PolicyConnectivityStatistics OspfRoute: properties: area: description: |- OSPF area. readOnly: true title: |- OSPF area type: string cost: description: |- Cost of the route. format: int64 readOnly: true title: |- Cost of the route type: integer next_hops: description: |- request counter. items: $ref: '#/definitions/OspfRouteNextHopResult' readOnly: true title: |- request counter type: array route_prefix: description: |- Learned route prefix. readOnly: true title: |- Learned route prefix type: string route_type: description: |- Type of route. readOnly: true title: |- Type of route type: string router_type: description: |- Type of router. readOnly: true title: |- Type of router type: string type_to_cost: description: |- Type to cost of the route. format: int64 readOnly: true title: |- Type to cost of the route type: integer type: object x-vmw-nsx-module: PolicyConnectivityStatistics OspfRouteDetailsInCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: area: description: |- OSPF area. readOnly: true title: |- OSPF area type: string cost: description: |- Cost of the route. format: int64 readOnly: true title: |- Cost of the route type: integer edge_path: description: |- Policy edge path. readOnly: true title: |- Policy edge path type: string next_hop_directly_attached: description: | Check whether OSPF route is directly connected. readOnly: true title: |- Check whether OSPF route is directly connected type: boolean next_hop_interface_name: description: | OSPF policy interface name. readOnly: true title: |- OSPF policy interface name type: string next_hop_neighbor_address: description: |- route next hop result. format: ip readOnly: true type: string route_prefix: description: |- Learned route prefix. readOnly: true title: |- Learned route prefix type: string route_type: description: |- Type of route. readOnly: true title: |- Type of route type: string router_type: description: |- Type of router. readOnly: true title: |- Type of router type: string type_to_cost: description: |- Type to cost of the route. format: int64 readOnly: true title: |- Type to cost of the route type: integer type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics OspfRouteNextHopResult: description: | OSPF route next hop result. properties: directly_attached: description: | Check whether OSPF route is directly connected. readOnly: true title: |- Check whether OSPF route is directly connected type: boolean interface_name: description: | OSPF policy interface name. readOnly: true title: |- OSPF policy interface name type: string neighbor_address: description: | next-hop address. format: ip readOnly: true type: string title: |- OSPF route next hop result type: object x-vmw-nsx-module: PolicyConnectivityStatistics OspfRoutes: description: | OSPF Routes Per Edge. properties: edge_display_name: description: | Display name to edge node. title: |- Display name for edge node type: string edge_path: description: | Policy path to edge node. title: |- Policy path to edge node type: string route_details: items: $ref: '#/definitions/OspfRoute' type: array required: - edge_path title: |- OSPF Routes Per Edge type: object x-vmw-nsx-module: PolicyConnectivityStatistics OspfRoutesListResult: allOf: - $ref: '#/definitions/ListResult' - properties: gateway_path: description: | Policy path to Tier0 gateway. title: |- Policy path to Tier0 gateway type: string last_update_timestamp: description: |- Timestamp when the data was last updated, unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/OspfRoutes' type: array required: - gateway_path type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: | OSPF Routes. title: |- OSPF Routes x-vmw-nsx-module: PolicyConnectivityStatistics OspfRoutesListResultInCsvFormat: allOf: - $ref: '#/definitions/CsvListResult' - properties: results: items: $ref: '#/definitions/OspfRouteDetailsInCsvRecord' readOnly: true type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics OspfRoutingConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: default_originate: default: false description: | Flag to enable/disable advertisement of default route into OSPF domain. The default route should be present in the edge only then it redistributes the same into OSPF domain only if this flag is set to TRUE. title: |- Flag to enable/disable advertisement of default route type: boolean ecmp: default: true description: | Flag to enable ECMP. title: |- Flag to enable ECMP type: boolean enabled: default: false description: | Flag to enable OSPF routing protocol. Disabling will stop feature and OSPF peering. title: |- Flag to enable OSPF routing protocol type: boolean graceful_restart_mode: default: HELPER_ONLY description: |- Configuration field to hold OSPF Restart mode . enum: - DISABLE - HELPER_ONLY title: |- OSPF Graceful Restart Mode Configuration type: string summary_addresses: description: | List of summary address configruation to summarize or filter external routes based on the setting of advertise flag in each OspfSummaryAddressConfig items: $ref: '#/definitions/OspfSummaryAddressConfig' maxItems: 1000 title: |- List of OSPF summary address configuration to summarize external routes type: array type: object x-vmw-nsx-module: PolicyOspf description: | Contains OSPF routing configurations. title: |- OSPF routing config x-vmw-nsx-module: PolicyOspf OspfStatusInfo: properties: database_summary_counter: description: |- Database summary counter. format: int64 readOnly: true title: |- Database summary counter type: integer dead_time: description: |- Time remaining in before considering OSPF neighbor dead. readOnly: true title: |- Time remaining before considering OSPF neighbor dead type: string interface_name: description: |- Tier0 interface name. readOnly: true title: |- Tier0 interface name type: string last_state_change: description: |- Time since last change in state. readOnly: true title: |- Time since last change in state type: string priority: description: |- Priority of the neighbor. format: int64 readOnly: true title: |- Priority of the neighbor type: integer request_counter: description: |- request counter. format: int64 readOnly: true title: |- request counter type: integer retransmit_counter: description: |- Retransmit request counter. format: int64 readOnly: true title: |- Retransmit request counter type: integer source_address: description: |- Multicast source address. format: ip readOnly: true type: string state: description: |- OSPF neighbor state. readOnly: true title: |- OSPF neighbor state type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics OspfSummaryAddressConfig: description: |- OSPF summary address configuration to summarize external routes properties: advertise: default: true description: | Used to filter the advertisement of external routes into the OSPF domain. Setting this field to "TRUE" will enable the summarization of external routes that are covered by ip_prefix configuration. Setting this field to "FALSE" will filter the advertisement of external routes that are covered by ip_prefix configuration. title: |- Flag to enable/disable summarization of external routes type: boolean prefix: description: |- OSPF Summary address in CIDR format format: ip-cidr-block title: |- OSPF Summary address in CIDR format type: string required: - prefix title: |- OSPF Summary Address Configuration type: object x-vmw-nsx-module: PolicyOspf OverriddenResource: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: intent_path: description: | Policy resource path of the overridden resource. readOnly: true title: |- Policy resource path of the overridden resource type: string site_path: description: | Site path to the specific site that has overridden the global resource. readOnly: true title: |- Site path type: string type: object x-vmw-nsx-module: PolicyOverrides description: | Represents which federated global resources have been overrriden on a specific Site. title: |- Represents overridden resource information for federated entity. x-vmw-nsx-module: PolicyOverrides OverriddenResourceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- OverriddenResource list results. items: $ref: '#/definitions/OverriddenResource' title: |- OverriddenResource list results type: array required: - results type: object x-vmw-nsx-module: PolicyOverrides description: |- Paged Collection of OverriddenResource. title: |- Paged Collection of OverriddenResource x-vmw-nsx-module: PolicyOverrides OverrideListRequestParameters: description: | Parameter to filter overridden resource list by intent path or site path or both. properties: intent_path: description: |- Global resource path title: |- Global resource path type: string site_path: description: |- Site path title: |- Site path type: string title: |- Override list request parameters type: object x-vmw-nsx-module: PolicyOverrides PacketAddressClassifier: description: | A packet is classified to have an address binding, if its address configuration matches with all user specified properties. properties: ip_address: description: |- A single IP address or a subnet, e.g. x.x.x.x or x.x.x.x/y format: address-or-block-or-range type: string mac_address: description: |- A single MAC address format: mac-address type: string vlan: description: |- Virtual Local Area Network Identifier format: int64 type: integer title: |- Address classifications for a packet type: object x-vmw-nsx-module: Switching PacketData: discriminator: resource_type properties: frame_size: default: 128 description: |- If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size. format: int64 maximum: 1000 minimum: 60 title: |- Requested total size of the (logical) packet in bytes type: integer resource_type: description: |- Packet configuration enum: - BinaryPacketData - FieldsPacketData title: |- Packet configuration type: string routed: description: |- A flag, when set true, indicates that the traceflow packet is of L3 routing. title: |- A flag, when set true, indicates that the traceflow packet is of L3 routing. type: boolean transport_type: default: UNICAST description: |- This type takes effect only for IP packet. enum: - BROADCAST - UNICAST - MULTICAST - UNKNOWN title: |- transport type of the traceflow packet type: string required: - resource_type type: object x-vmw-nsx-module: Traceflow PacketNumberSampling: allOf: - $ref: '#/definitions/SamplingArgument' - properties: sampling_rate: description: |- 1 out of how many packets is sampled format: int64 maximum: 65535 minimum: 1 title: |- 1 out of how many packets is sampled type: integer required: - sampling_rate type: object x-vmw-nsx-module: LiveTrace x-vmw-nsx-module: LiveTrace PacketTypeAndCounter: properties: counter: description: |- The number of packets. format: int64 title: |- The number of packets. type: integer packet_type: description: |- The type of the packets title: |- The type of the packets type: string required: - counter - packet_type type: object x-vmw-nsx-module: AggSvcL2Types PacketsDroppedBySecurity: properties: bpdu_filter_dropped: description: |- The number of packets dropped by "BPDU filter". format: int64 title: |- The number of packets dropped by "BPDU filter". type: integer dhcp_client_dropped_ipv4: description: |- The number of IPv4 packets dropped by "DHCP client block". format: int64 title: |- The number of IPv4 packets dropped by "DHCP client block". type: integer dhcp_client_dropped_ipv6: description: |- The number of IPv6 packets dropped by "DHCP client block". format: int64 title: |- The number of IPv6 packets dropped by "DHCP client block". type: integer dhcp_server_dropped_ipv4: description: |- The number of IPv4 packets dropped by "DHCP server block". format: int64 title: |- The number of IPv4 packets dropped by "DHCP server block". type: integer dhcp_server_dropped_ipv6: description: |- The number of IPv6 packets dropped by "DHCP server block". format: int64 title: |- The number of IPv6 packets dropped by "DHCP server block". type: integer spoof_guard_dropped: description: |- The packets dropped by "Spoof Guard"; supported packet types are IPv4, IPv6, ARP, ND, non-IP. items: $ref: '#/definitions/PacketTypeAndCounter' title: |- The packets dropped by "Spoof Guard"; supported packet types are IPv4, IPv6, ARP, ND, non-IP. type: array type: object x-vmw-nsx-module: AggSvcL2Types PartialPatchConfig: description: | This object allows enabling or disabling of partial patch functionality. Enabling partial patch allows patching of a subset of the fields of any object. After enabling partial patching, any object payload provided will be merged with the existing object payload. Note that while all mandatory fields are expected to be provided during the creation of any object, enabling partial patch will allow patching of existing objects with a subset of mandatory fields. properties: enable_partial_patch: description: |- boolean value used to enable/disable partial patch title: |- This object will contain the partial patch configuration. type: boolean required: - enable_partial_patch title: |- Contains configuration for Partial patch. type: object x-vmw-nsx-module: PolicySystemConfig PatchResources: allOf: - $ref: '#/definitions/Action' - properties: body: description: | Patch body representing a Hierarchical Patch payload. The resources included in the body are patched replacing the injections' keys with their actual values. title: |- Body type: object injections: description: |- Injections holding keys (variables) and their corresponding values. items: $ref: '#/definitions/Injection' minItems: 1 title: |- Injections type: array required: - body type: object x-vmw-nsx-module: PolicyReaction description: | Patch Resources is an action to create/patch resources in response to an event. title: |- Patch Resources x-vmw-nsx-module: PolicyReaction PathExpression: allOf: - $ref: '#/definitions/Expression' - properties: paths: description: |- This array can consist of one or more policy paths. Only policy paths of groups, segments and policy logical ports are allowed. items: type: string minItems: 1 title: |- Array of policy paths type: array required: - paths type: object x-vmw-nsx-module: Policy description: |- Represents policy path expressions in the form of an array, to support addition of objects like groups, segments and policy logical ports in a group. title: |- Path expression node x-vmw-nsx-module: Policy PathPermissionGroup: description: |- RBAC Objects qualifier properties: object_path: description: |- Full Object Path title: |- Full Object Path type: string operation: description: |- Allowed operation enum: - crud - read - execute - none title: |- Allowed operation type: string required: - operation - object_path title: |- RBAC Objects qualifier type: object x-vmw-nsx-module: PolicyAuthz PeerCertificateChain: description: |- The certificate chain presented by a remote TLS service. properties: details: description: |- List of X509Certificates. items: $ref: '#/definitions/X509Certificate' readOnly: true type: array pem_encoded: description: |- PEM encoded certificate data. readOnly: false type: string required: - pem_encoded title: |- A peer's certificate chain type: object x-vmw-nsx-module: CertificateManager PendingChangesInfoNsxT: description: | Information about recent changes, if any, that are not reflected in the Enforced Realized Status. properties: pending_changes_flag: description: | Flag describing whether there are any pending changes that are not reflected in the status. readOnly: true title: |- Pending Changes Flag type: boolean title: |- NSX-T Pending Change Info type: object x-vmw-nsx-module: PolicyRealizationStatus PerNodeShaPluginStatusListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Sha plugin status list results items: $ref: '#/definitions/PluginStatusEntry' title: |- Sha plugin status list results type: array required: - results type: object x-vmw-nsx-module: PolicySha description: |- Paged list of Sha plugin status list. title: |- Paged list of Sha plugin status list. x-vmw-nsx-module: PolicySha PerStepRestoreStatus: description: |- Restore step status properties: description: description: |- A description of the restore status readOnly: true title: |- A description of the restore status type: string value: description: |- Per step restore status value enum: - INITIAL - RUNNING - SUSPENDED_BY_USER - SUSPENDED_FOR_USER_ACTION - FAILED - SUCCESS readOnly: true title: |- Per step restore status value type: string title: |- Restore step status type: object x-vmw-nsx-module: ClusterRestore PimRpMapping: description: | PIM (Protocol Independent Multicast) RP (Randezvous Point) mapping details. properties: group: description: |- Multicast group address. format: ip readOnly: true type: string is_rp: description: | Value of this field will be true if this edge transport node acts as rendezvous point, otherwise false. readOnly: true title: |- Is acts as Rendezvous Point type: boolean outgoing_interface: description: |- Outgoing/Egress interface for multicast traffic. readOnly: true title: |- Outgoing interface type: string rp_address: description: |- RP (Randezvous Point) address. format: ip readOnly: true type: string source: description: | Source of learning RP information. Either Static RP configured or RP learned via BSR (Bootstrap Router). readOnly: true title: |- Multicast source type: string title: |- PIM RP mapping details type: object x-vmw-nsx-module: AggSvcLogicalRouter PimRpMappingCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: group: description: |- Multicast group address. format: ip readOnly: true type: string is_rp: description: | Value of this field will be true if this edge transport node acts as rendezvous point, otherwise false. readOnly: true title: |- Is acts as Rendezvous Point type: boolean outgoing_interface: description: |- Outgoing/Egress interface for multicast traffic. readOnly: true title: |- Outgoing interface type: string rp_address: description: |- RP (Randezvous Point) address. format: ip readOnly: true type: string source: description: | Source of learning RP information. Either Static RP configured or RP learned via BSR (Bootstrap Router). readOnly: true title: |- Multicast source type: string transport_node: description: |- Transport node uuid or policy path. readOnly: true title: |- Transport node uuid or policy path type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PimRpMappings: allOf: - $ref: '#/definitions/ListResult' - properties: gateway_path: description: | Policy path to Tier0 gateway. title: |- Policy path to Tier0 gateway type: string pim_rp_mappings_per_edge: items: $ref: '#/definitions/PimRpMappingsPerEdge' type: array required: - gateway_path type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: | PIM Rendezvous Point Mappings. title: |- PIM Rendezvous Point Mappings x-vmw-nsx-module: PolicyConnectivityStatistics PimRpMappingsInCsvFormat: allOf: - $ref: '#/definitions/CsvListResult' - properties: results: items: $ref: '#/definitions/PimRpMappingCsvRecord' readOnly: true type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PimRpMappingsPerEdge: description: | PIM Rendezvous Point Mappings Per Edge. properties: edge_path: description: | Policy path to edge node. title: |- Policy path to edge node type: string pim_rp_mappings: items: $ref: '#/definitions/PimRpMapping' type: array required: - edge_path title: |- PIM Rendezvous Point Mappings Per Edge type: object x-vmw-nsx-module: PolicyConnectivityStatistics PktCapResource: allOf: - $ref: '#/definitions/BasePktCapResource' - properties: pktcap_file_download_url: description: |- Packet capture file download URL readOnly: true title: |- Packet capture file download URL type: string port_id: description: |- The ID of logical port where packet capture action is performed readOnly: true title: |- The ID of logical port where packet capture action is performed type: string type: object x-vmw-nsx-module: LiveTrace description: | The resource of packet capture per port, such as the downloading URL of packet capture file. x-vmw-nsx-module: LiveTrace PktCapResult: description: | The packet capture result for transport nodes properties: pktcap_resource_list: description: | The packet capture resource info for ports where packet capture action is performed items: $ref: '#/definitions/PktCapResource' readOnly: true title: |- Packet capture results on the given transport node type: array transport_node_id: description: |- The ID of transport node where packet capture action is deployed readOnly: true title: |- The ID of transport node where packet capture action is deployed type: string transport_node_type: description: |- Type of the transport node enum: - ESX - RHELKVM - UBUNTUKVM - CENTOSKVM - RHELCONTAINER - CENTOSCONTAINER - RHELSERVER - UBUNTUSERVER - CENTOSSERVER - SLESKVM - SLESSERVER - WINDOWSSERVER - RHELSMARTNIC - OELSERVER - UBUNTUSMARTNIC - EDGE - PUBLIC_CLOUD_GATEWAY_NODE - OTHERS - HYPERV readOnly: true type: string type: object x-vmw-nsx-module: LiveTrace PktcapActionArgument: properties: dest_lport: description: | It is required only when the type of packet capture is bidirectional. Please keep this aligned with the destination logical port of trace action config when the type of trace action is bidirectional. readOnly: true title: |- Destination logical port for bidirectional packet capture type: string pktcap_type: description: |- Type of packet capture enum: - UNI_DIRECTIONAL - BI_DIRECTIONAL readOnly: true title: |- Type of packet capture type: string reverse_filter: $ref: '#/definitions/LiveTraceFilterData' type: object x-vmw-nsx-module: LiveTrace PktcapActionConfig: properties: action_argument: $ref: '#/definitions/PktcapActionArgument' sampling_argument: $ref: '#/definitions/SamplingArgument' type: object x-vmw-nsx-module: LiveTrace PlainFilterData: allOf: - $ref: '#/definitions/LiveTraceFilterData' - properties: basic_filter: description: |- Basic RCF rule for packet filter title: |- Basic RCF rule for packet filter type: string extend_filter: description: |- Extended RCF rule for packet filter title: |- Extended RCF rule for packet filter type: string type: object x-vmw-nsx-module: LiveTrace x-vmw-nsx-module: LiveTrace PlatformDeploymentChecksAction: allOf: - $ref: '#/definitions/DeploymentChecksAction' - properties: deployment_config: $ref: '#/definitions/PlatformDeploymentConfig' type: object x-vmw-nsx-module: PolicyCloudNativePlatform description: |- Configuration for Platform deployment. title: |- Configuration for Platform deployment x-vmw-nsx-module: PolicyCloudNativePlatform PlatformDeploymentConfig: allOf: - $ref: '#/definitions/CloudNativeDeploymentConfig' - properties: form_factor: description: |- From factor in use. enum: - standard - advanced - evaluation type: string service_config: $ref: '#/definitions/AdvanceServiceConfig' type: object x-vmw-nsx-module: PolicyCloudNativePlatform description: |- Configuration for Platform deployment. title: |- Configuration for Platform deployment x-vmw-nsx-module: PolicyCloudNativePlatform PlatformFormFactors: description: | Available platform form factors. properties: available_form_factors: $ref: '#/definitions/FormFactors' title: |- Deployment version type: object x-vmw-nsx-module: PolicyCloudNative PluginStatusEntry: description: | Describes plugin status properties: detail: description: |- Detail information of plugin. readOnly: true title: |- Detail information of plugin type: string plugin_path: description: |- Plugin id. readOnly: true title: |- Plugin id type: string profile: description: "Display the plugin config\xDF content." readOnly: true title: |- Plugin config type: string status: description: |- Plugin status. enum: - UNKNOWN - ENABLED - DISABLED readOnly: true type: string title: |- System Health Plugin status type: object x-vmw-nsx-module: PolicySha Pnic: description: |- Physical NIC specification properties: device_name: description: |- device name or key readOnly: false title: |- device name or key type: string uplink_name: description: |- Uplink name for this Pnic. This name will be used to reference this Pnic in other configurations. readOnly: false title: |- Uplink name for this Pnic. This name will be used to reference this Pnic in other configurations. type: string required: - uplink_name - device_name title: |- Physical NIC specification type: object x-vmw-nsx-module: TransportNode PnicBondStatus: description: |- pNIC/bond statuses properties: name: description: |- Name of the pNIC/bond title: |- pNIC/bond name type: string status: description: |- Status of pNIC/bond enum: - UNKNOWN - UP - DOWN - DEGRADED title: |- pNic/bond status type: string type: description: |- type, whether the object is a pNIC or a bond enum: - UNKNOWN_TYPE - PNIC - BOND title: |- Object type type: string title: |- pNIC/bond status type: object x-vmw-nsx-module: Heatmap PnicBondStatusListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of pNIC statuses belonging to the transport node items: $ref: '#/definitions/PnicBondStatus' title: |- List of pNIC/bond statuses type: array type: object x-vmw-nsx-module: Heatmap description: |- This object contains reference to list of pNIC/bond statuses title: |- pNIC status list container x-vmw-nsx-module: Heatmap PointDefinition: description: |- Defines the point of a graph. properties: drilldown_id: description: |- Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. title: |- Id of drilldown widget type: string field: description: |- An expression that represents the points of the graph title: |- Expression for points of the graph type: string navigation: description: |- Hyperlink of the specified UI page that provides details. maxLength: 1024 title: |- Navigation to a specified UI page type: string tooltip: description: |- Multi-line text to be shown on tooltip while hovering over the point of a graph. items: $ref: '#/definitions/Tooltip' minItems: 0 title: |- Multi-line tooltip type: array x_value: description: |- Represents the variable for the X value of points that are plotted on the graph. title: |- Variable chosen for X value of the point of the graph type: string y_value: description: |- Represents the variable for the Y value of points that are plotted on the graph. title: |- Variable chosen for Y value of the point of the graph type: string required: - y_value - x_value - field title: |- Definition of a point of graph type: object x-vmw-nsx-module: NsxDashboard Policy: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: category: description: | - Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are "Ethernet","Emergency", "Infrastructure" "Environment" and "Application". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories "Emergency", "SystemRules", "SharedPreRules", "LocalGatewayRules", "AutoServiceRules" and "Default", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to "SharedPreRules" or "LocalGatewayRules" only. Also, the users can add/modify/delete rules from only the "SharedPreRules" and "LocalGatewayRules" categories. If user doesn't specify the category then defaulted to "Rules". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, "Default" category is the placeholder default rules with lowest in the order of priority. title: |- A way to classify a security policy, if needed. type: string comments: description: |- Comments for security policy lock/unlock. readOnly: false title: |- SecurityPolicy lock/unlock comments type: string internal_sequence_number: description: | This field is to indicate the internal sequence number of a policy with respect to the policies across categories. format: int32 readOnly: true title: |- Internal sequence number type: integer is_default: description: |- A flag to indicate whether policy is a default policy. readOnly: true title: |- Default policy flag type: boolean lock_modified_by: description: | ID of the user who last modified the lock for the secruity policy. readOnly: true title: |- User who locked the security policy type: string lock_modified_time: description: |- SecurityPolicy locked/unlocked time in epoch milliseconds. format: int64 readOnly: true type: integer locked: default: false description: | Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy. title: |- Lock a security policy type: boolean rule_count: description: | The count of rules in the policy. format: int32 readOnly: true title: |- Rule count type: integer scheduler_path: description: | Provides a mechanism to apply the rules in this policy for a specified time duration. readOnly: false title: |- Path to the scheduler for time based scheduling type: string scope: description: | The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain. items: type: string maxItems: 128 type: array sequence_number: description: | This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999. format: int32 minimum: 0 title: |- Sequence number to resolve conflicts across Domains type: integer stateful: description: | Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless. readOnly: false title: |- Stateful nature of the entries within this security policy. type: boolean tcp_strict: description: | Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true. readOnly: false title: |- Enforce strict tcp handshake before allowing data packets type: boolean type: object x-vmw-nsx-module: Policy description: | Ordered list of Rules. This object is created by default along with the Domain. title: |- Contains ordered list of Rules x-vmw-nsx-module: Policy PolicyAlarmResource: allOf: - $ref: '#/definitions/PolicyResource' - properties: error_details: $ref: '#/definitions/PolicyApiError' message: description: |- error message to describe the issue title: |- error message to describe the issue type: string source_reference: description: |- path of the object on which alarm is created title: |- path of the object on which alarm is created type: string source_site_id: description: | This field will refer to the source site on which the alarm is generated. This field is populated by GM, when it receives corresponding notification from LM. readOnly: true title: |- source site(LM) id. type: string type: object x-vmw-nsx-module: PolicyRealizedState description: |- Alarm base class of realized policy object title: |- Alarm base class of realized policy object x-vmw-nsx-module: PolicyRealizedState PolicyAlarmResourceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of alarm resources items: $ref: '#/definitions/PolicyAlarmResource' title: |- Paged Collection of PolicyAlarmResources type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- PolicyAlarmResource list result title: |- PolicyAlarmResource list result x-vmw-nsx-module: PolicyRealizedState PolicyApiError: allOf: - $ref: '#/definitions/PolicyRelatedApiError' - properties: related_errors: description: |- Other errors related to this error items: $ref: '#/definitions/PolicyRelatedApiError' title: |- Other errors related to this error type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- Detailed information about an API Error title: |- Detailed information about an API Error x-vmw-nsx-module: PolicyRealizedState PolicyArpProxyEntry: properties: arp_proxy_ip: description: |- ARP proxy information for a service with ip. items: description: |- IPv4 or IPv6 address format: ip type: string readOnly: true title: |- Array of ARP proxy service address type: array service_id: description: |- Identifier of connected service on port. readOnly: true title: |- Service type id type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics PolicyArpProxyTableCsvListResult: allOf: - $ref: '#/definitions/CsvListResult' - properties: results: items: $ref: '#/definitions/InterfaceArpProxyCsvEntry' type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PolicyArpProxyTableListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paginated list of Gateway interface ARP proxy tables items: $ref: '#/definitions/InterfaceArpProxy' readOnly: true title: |- Paginated list of Gateway interface ARP proxy tables type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PolicyAttributes: description: |- Policy Attributes data holder properties: attribute_source: default: SYSTEM description: |- Source of attribute value i.e whether system defined or custom value enum: - SYSTEM - CUSTOM title: |- Source of attribute value i.e whether system defined or custom value type: string datatype: description: |- Datatype for attribute enum: - STRING title: |- Datatype for attribute type: string description: description: |- Description for attribute value title: |- Description for attribute value type: string isALGType: description: |- Describes whether the APP_ID value is ALG type or not. title: |- Is the value ALG type type: boolean key: description: |- URL_Reputation is currently not available. Please do not use it in Attribute Key while creating context profile enum: - APP_ID - DOMAIN_NAME - URL_CATEGORY - URL_REPUTATION - CUSTOM_URL title: |- Key for attribute type: string metadata: description: | This is optional part that can hold additional data about the attribute key/values. Example - For URL CATEGORY key , it specified super category for url category value. This is generic array and can hold multiple meta information about key/values in future items: $ref: '#/definitions/ContextProfileAttributesMetadata' title: |- Provide additional meta information about key/values type: array sub_attributes: description: |- Reference to sub attributes for the attribute items: $ref: '#/definitions/PolicySubAttributes' title: |- Reference to sub attributes for the attribute type: array value: description: | Multiple attribute values can be specified as elements of array. items: type: string minItems: 1 title: |- Value for attribute key type: array uniqueItems: true required: - datatype - key - value title: |- Policy Attributes data holder type: object x-vmw-nsx-module: PolicyContextProfile PolicyBaseHostSwitchProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: required_capabilities: items: type: string readOnly: true type: array resource_type: description: |- Supported HostSwitch profiles. enum: - PolicyUplinkHostSwitchProfile - PolicyLldpHostSwitchProfile - PolicyNiocProfile - PolicyExtraConfigHostSwitchProfile type: string required: - resource_type type: object x-vmw-nsx-module: PolicyBaseHostSwitchProfile x-vmw-nsx-module: PolicyBaseHostSwitchProfile PolicyBasedIPSecVpnSession: allOf: - $ref: '#/definitions/IPSecVpnSession' - properties: rules: description: |- Rules items: $ref: '#/definitions/IPSecVpnRule' minItems: 1 title: |- Rules type: array required: - rules type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. title: |- Policy based VPN session x-vmw-nsx-module: PolicyVpnIPSecVpn PolicyBasedL3VpnSession: allOf: - $ref: '#/definitions/L3VpnSession' - properties: rules: description: | L3Vpn rules that are specific to the L3Vpn. Only L3Vpn rules with PROTECT action are supported. items: $ref: '#/definitions/L3VpnRule' title: |- L3Vpn Rules type: array uniqueItems: true type: object x-vmw-nsx-module: PolicyL3Vpn description: | A Policy-based L3Vpn session is a configuration in which a specific vpn tunnel is referenced in a policy whose action is set as tunnel. title: |- Policy based L3Vpn Session x-vmw-nsx-module: PolicyL3Vpn PolicyBgpNeighborStatus: properties: address_families: description: |- Address families of BGP neighbor items: $ref: '#/definitions/BgpAddressFamily' readOnly: true title: |- Address families of BGP neighbor type: array announced_capabilities: description: |- BGP capabilities sent to BGP neighbor. items: type: string readOnly: true title: |- BGP capabilities sent to BGP neighbor. type: array connection_drop_count: description: |- Count of connection drop format: int64 readOnly: true title: |- Count of connection drop type: integer connection_state: description: |- Current state of the BGP session. enum: - INVALID - IDLE - CONNECT - ACTIVE - OPEN_SENT - OPEN_CONFIRM - ESTABLISHED - UNKNOWN readOnly: true title: |- Current state of the BGP session. type: string edge_path: description: |- Transport node policy path title: |- Transport node policy path type: string established_connection_count: description: |- Count of connections established format: int64 readOnly: true title: |- Count of connections established type: integer graceful_restart_mode: description: | Current state of graceful restart of BGP neighbor. Possible values are - 1. GR_AND_HELPER - Graceful restart with Helper 2. HELPER_ONLY - Helper only 3. DISABLE - Disabled readOnly: true title: |- Graceful restart mode type: string hold_time: description: | If a HELLO packet is not seen from BGP Peer withing hold_time then BGP neighbor will be marked as down. format: int64 readOnly: true title: |- Time in ms to wait for HELLO from BGP peer. type: integer keep_alive_interval: description: |- Time in ms to wait for HELLO packet from BGP peer format: int64 readOnly: true title: |- Time in ms to wait for HELLO packet from BGP peer type: integer last_update_timestamp: description: |- Timestamp when the data was last updated, unset if data source has never updated the data. format: int64 readOnly: true type: integer local_port: description: |- TCP port number of Local BGP connection format: int64 maximum: 65535 minimum: 1 readOnly: true title: |- TCP port number of Local BGP connection type: integer messages_received: description: |- Count of messages received from the neighbor format: int64 readOnly: true title: |- Count of messages received from the neighbor type: integer messages_sent: description: |- Count of messages sent to the neighbor format: int64 readOnly: true title: |- Count of messages sent to the neighbor type: integer negotiated_capability: description: |- BGP capabilities negotiated with BGP neighbor. items: type: string readOnly: true title: |- BGP capabilities negotiated with BGP neighbor. type: array neighbor_address: description: |- The IP of the BGP neighbor format: ip readOnly: true type: string neighbor_router_id: description: |- Router ID of the BGP neighbor. readOnly: true title: |- Router ID of the BGP neighbor. type: string remote_as_number: description: |- AS number of the BGP neighbor readOnly: true title: |- AS number of the BGP neighbor type: string remote_port: description: |- TCP port number of remote BGP Connection format: int64 maximum: 65535 minimum: 1 readOnly: true title: |- TCP port number of remote BGP Connection type: integer remote_site: $ref: '#/definitions/ResourceReference' source_address: description: |- The Ip address of logical port format: ip readOnly: true type: string tier0_path: description: |- Policy path to Tier0 readOnly: true title: |- Policy path to Tier0 type: string time_since_established: description: |- Time(in seconds) since connection was established. format: int64 readOnly: true title: |- Time(in seconds) since connection was established. type: integer total_in_prefix_count: description: |- Sum of in prefixes counts across all address families. format: int64 readOnly: true title: |- Count of in prefixes type: integer total_out_prefix_count: description: |- Sum of out prefixes counts across all address families. format: int64 readOnly: true title: |- Count of out prefixes type: integer type: description: |- BGP neighbor type enum: - INTER_SR - USER readOnly: true title: |- BGP neighbor type type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics PolicyBgpNeighborsStatusListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: additionalProperties: false description: |- Status of BGP neighbors of the Tier0 items: $ref: '#/definitions/PolicyBgpNeighborStatus' readOnly: true title: |- Status of BGP neighbors of the Tier0 type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PolicyCapacityDashboardUsage: properties: current_usage_count: description: | Indicate the current usage count of object type. format: int64 title: |- Current usage count of object type type: integer current_usage_percentage: description: | Current usage percentage for object type title: |- Current usage percentage type: number display_name: description: | Display name for NSX object type. title: |- User friendly name for object type type: string max_supported_count: description: | This is the maximum supported count for object type in consideration. format: int64 title: |- Maximum supported count for object type type: integer usage_type: description: | Indicate the object type for which usage is calculated. enum: - NUMBER_OF_VSPHERE_CLUSTERS - NUMBER_OF_PREPARED_HOSTS - NUMBER_OF_GROUPS - NUMBER_OF_SEGMENT - NUMBER_OF_SEGMENT_PORT - NUMBER_OF_FIREWALL_RULES - NUMBER_OF_FIREWALL_SECTIONS - NUMBER_OF_SECURITY_POLICY_RULES - NUMBER_OF_SECURITY_POLICY - NUMBER_OF_PROTECTION_ENABLED_HOST - NUMBER_OF_PROTECTION_ENABLED_VIRTUAL_MACHINES - NUMBER_OF_EDGE_CLUSTERS - NUMBER_OF_EDGE_NODES - NUMBER_OF_TIER0_ROUTERS - NUMBER_OF_TIER1_ROUTERS - NUMBER_OF_PREFIX_LIST - NUMBER_OF_NAT_RULES - NUMBER_OF_DHCP_IP_POOLS - NUMBER_OF_TIER1_WITH_NAT_RULE title: |- Object type for which usage is fetched type: string required: - current_usage_count - usage_type - display_name - current_usage_percentage - max_supported_count type: object x-vmw-nsx-module: PolicyCapacityDashboard PolicyCapacityUsageResponse: allOf: - $ref: '#/definitions/ManagedResource' - properties: capacity_usage: description: |- List of capacity usage for NSX Objects items: $ref: '#/definitions/PolicyCapacityDashboardUsage' title: |- List of capacity usage for NSX Objects type: array required: - capacity_usage type: object x-vmw-nsx-module: PolicyCapacityDashboard x-vmw-nsx-module: PolicyCapacityDashboard PolicyComplianceStatus: properties: last_updated_time: description: |- Timestamp of last update format: int64 readOnly: true type: integer non_compliant_configs: description: |- List of non compliant configuration and impacted services items: $ref: '#/definitions/PolicyNonCompliantConfig' readOnly: true title: |- List of non compliant configuration and impacted services type: array type: object x-vmw-nsx-module: PolicyCompliance PolicyConfigResource: allOf: - $ref: '#/definitions/PolicyResource' - properties: children: description: | subtree for this type within policy tree containing nested elements. items: $ref: '#/definitions/ChildPolicyConfigResource' title: |- subtree for this type within policy tree type: array marked_for_delete: default: false description: | Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects. readOnly: true title: |- Indicates whether the intent object is marked for deletion type: boolean overridden: default: false description: | Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties. readOnly: true title: |- Indicates whether this object is the overridden intent object type: boolean type: object x-vmw-nsx-module: Policy description: |- Represents an object on the desired state. title: |- Represents an object on the desired state x-vmw-nsx-module: Policy PolicyContainerGroupMemberDetails: description: | Details of the member belonging to a Group properties: cluster: items: $ref: '#/definitions/ClusterMemberDetails' type: array required: - cluster title: |- Group member details type: object x-vmw-nsx-module: PolicyGroupRealization PolicyContainerGroupMembersListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of pods that belong to the given Group items: $ref: '#/definitions/PolicyContainerGroupMemberDetails' title: |- Paged Collection of pods that belong to the given Group type: array required: - results type: object x-vmw-nsx-module: PolicyGroupRealization description: | Paginated collection of pods belonging to a Group. title: |- Group members list result x-vmw-nsx-module: PolicyGroupRealization PolicyContextProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: attributes: description: | Property containing attributes/sub-attributes for Policy Context Profile. items: $ref: '#/definitions/PolicyAttributes' title: |- Array of Policy Context Profile attributes type: array required: - attributes type: object x-vmw-nsx-module: PolicyContextProfile description: | An entity that encapsulates attributes and sub-attributes of various network services (eg. L7 services, domain name, encryption algorithm) The entity will be consumed in firewall rules and can be added in new tuple called profile in firewall rules. To get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes title: |- Policy Context Profile entity x-vmw-nsx-module: PolicyContextProfile PolicyContextProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged collection of PolicyContextProfiles items: $ref: '#/definitions/PolicyContextProfile' readOnly: true title: |- Paged collection of PolicyContextProfiles type: array type: object x-vmw-nsx-module: PolicyContextProfile description: |- List result of PolicyContextProfiles title: |- List result of PolicyContextProfiles x-vmw-nsx-module: PolicyContextProfile PolicyCustomAttributes: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: attribute_source: default: CUSTOM description: |- Source of attribute value i.e whether system defined or custom value enum: - CUSTOM - SYSTEM title: |- Source of attribute value i.e whether system defined or custom value type: string datatype: description: |- Datatype for attribute enum: - STRING title: |- Datatype for attribute type: string description: description: |- Description for attribute value title: |- Description for attribute value type: string key: description: |- Policy Custom Attribute Key enum: - DOMAIN_NAME - CUSTOM_URL title: |- Key for attribute type: string metadata: description: | This is optional part that can hold additional data about the attribute key/values. Example - For Custom URL key , it specified url type for url value. This is generic array and can hold multiple meta information about key/values in future items: $ref: '#/definitions/ContextProfileAttributesMetadata' title: |- Provide additional meta information about key/values type: array sub_attributes: description: |- Reference to sub attributes for the attribute items: $ref: '#/definitions/PolicySubAttributes' title: |- Reference to sub attributes for the attribute type: array value: description: | Multiple attribute values can be specified as elements of array. items: type: string minItems: 1 title: |- Value for attribute key type: array uniqueItems: true required: - datatype - key - value type: object x-vmw-nsx-module: PolicyContextProfile description: |- Policy Custom Attributes data holder title: |- Policy Custom Attributes data holder x-vmw-nsx-module: PolicyContextProfile PolicyDnsAnswerPerEnforcementPoint: description: | DNS forwarder nslookup answer per enforcement point. discriminator: resource_type properties: enforcement_point_path: description: | Policy path referencing the enforcement point from where the DNS forwarder nslookup answer is fetched. readOnly: true title: |- Enforcement point path type: string resource_type: description: | Resource type of the DNS forwarder nslookup answer. enum: - NsxTDnsAnswer title: |- Resource type type: string required: - resource_type title: |- NSLookup answer per enforcement point type: object x-vmw-nsx-module: PolicyDnsForwarder PolicyDnsForwarder: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cache_size: default: 1024 description: |- Cache size in KB. format: int32 maximum: 16777216 minimum: 0 title: |- Cache size in KB type: integer conditional_forwarder_zone_paths: description: |- Max of 5 DNS servers can be configured items: type: string maxItems: 5 title: |- Path of conditional DNS zones type: array default_forwarder_zone_path: description: | This is the zone to which DNS requests are forwarded by default title: |- Path of the default DNS zone. type: string enabled: default: true description: | The flag, which suggests whether the DNS forwarder is enabled or disabled. The default is True. title: |- DNS forwarder enabled flag type: boolean listener_ip: description: | This is the IP on which the DNS Forwarder listens. format: ipv4 type: string log_level: default: INFO description: | Set log_level to DISABLED will stop dumping fowarder log. enum: - DEBUG - INFO - WARNING - ERROR - FATAL title: |- Log level of the dns forwarder type: string required: - default_forwarder_zone_path - listener_ip type: object x-vmw-nsx-module: PolicyDnsForwarder description: |- Used to configure DNS Forwarder title: |- DNS Forwarder x-vmw-nsx-module: PolicyDnsForwarder PolicyDnsForwarderZone: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: dns_domain_names: description: | List of domain names on which conditional forwarding is based. This field is required if the DNS Zone is being used for a conditional forwarder. This field will also be used for conditional reverse lookup. Example 1, if for one of the zones, one of the entries in the fqdn is example.com, all the DNS requests under the domain example.com will be served by the corresponding upstream DNS server. Example 2, if for one of the zones, one of the entries in the fqdn list is "13.12.30.in-addr.arpa", reverse lookup for 30.12.13.0/24 will go to the corresponding DNS server. items: type: string title: |- List of domain names type: array source_ip: description: | The source IP used by the DNS Forwarder zone. format: ipv4 type: string upstream_servers: description: |- Max of 3 DNS servers can be configured items: description: |- IPv4 address format: ipv4 type: string maxItems: 3 title: |- DNS servers to which the DNS request needs to be forwarded type: array required: - upstream_servers type: object x-vmw-nsx-module: PolicyDnsForwarder description: |- Used to configure zones on DNS Forwarder title: |- DNS Forwarder Zone x-vmw-nsx-module: PolicyDnsForwarder PolicyDnsForwarderZoneListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Dns Forwarder Zone list results items: $ref: '#/definitions/PolicyDnsForwarderZone' title: |- Dns Forwarder Zone list results type: array required: - results type: object x-vmw-nsx-module: PolicyDnsForwarder description: |- Paged Collection of DNS Forwarder Zones title: |- Paged Collection of DNS Forwarder Zones x-vmw-nsx-module: PolicyDnsForwarder PolicyDraft: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: is_auto_draft: default: false description: | Flag to indicate whether draft is auto created. True indicates that the draft is an auto draft. False indicates that the draft is a manual draft. readOnly: true title: |- Auto draft flag type: boolean lock_comments: description: |- Comments for a policy draft lock/unlock. readOnly: false title: |- Policy draft lock/unlock comments type: string lock_modified_by: description: | ID of the user who last modified the lock for a policy draft. readOnly: true title: |- User who locked a policy draft type: string lock_modified_time: description: |- Policy draft locked/unlocked time in epoch milliseconds. format: int64 readOnly: true type: integer locked: default: false description: | Indicates whether a draft should be locked. If the draft is locked by an user, then no other user would be able to modify or publish this draft. Once the user releases the lock, other users can then modify or publish this draft. title: |- Lock a policy draft type: boolean ref_draft_path: description: | When specified, a manual draft will be created w.r.t. the specified draft. If not specified, manual draft will be created w.r.t. the current published configuration. For an auto draft, this will always be null. title: |- Path of an existing draft for reference type: string system_area: $ref: '#/definitions/Infra' system_area_store_id: description: | In case of a large draft, wherein the size of system_area is so big that it can not be stored into one draft object, the data is then gets stored into multiple chunks in a draft data store. This value represents the ID of that data store. readOnly: true title: |- ID of the data store where system_area has stored type: string user_area: $ref: '#/definitions/Infra' user_area_store_id: description: | In case of a large draft, wherein the size of user_area is so big that it can not be stored into one draft object, the data is then gets stored into multiple chunks in a draft data store. This value represents the ID of that data store. readOnly: true title: |- ID of the data store where user_area has stored type: string type: object x-vmw-nsx-module: PolicyDraft description: | A draft which stores the system generated as well as user intended changes in a hierarchical body format. title: |- Policy draft x-vmw-nsx-module: PolicyDraft PolicyDraftListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: | Paginated list of policy drafts. items: $ref: '#/definitions/PolicyDraft' readOnly: true title: |- Policy drafts list results type: array type: object x-vmw-nsx-module: PolicyDraft description: | This holds the list of policy drafts. title: |- Paged collection of policy drafts x-vmw-nsx-module: PolicyDraft PolicyDraftPaginatedAggregatedConfigurationResult: description: | Paginated result of aggregated configuration of a policy draft properties: request_id: description: | Request identifier to keep track of calculated aggregated configuration a draft during subsequent API calls after initial API call. This identifier can be use to fetch the detailed aggregated configuration at security policy level. Absence of request_id suggests that whole aggregated configuration has been returned as a response to initial API call, as the size of aggregated configuration is not big enough to need pagination. readOnly: true title: |- Request identifier to keep track of result type: string result: $ref: '#/definitions/Infra' title: |- Paginated result of aggregated configuration of a policy draft type: object x-vmw-nsx-module: PolicyDraft PolicyEdgeCluster: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: inter_site_forwarding_enabled: description: | Flag to indicate status of inter site l2 and l3 forwarding in federation. readOnly: true title: |- Inter site forwarding is enabled if true type: boolean nsx_id: description: |- UUID of Edge Cluster on NSX-T enforcement point. readOnly: true title: |- Edge Cluster UUID on NSX-T Enforcement Point type: string rtep_ips: description: |- List of remote tunnel endpoint ipaddress configured on edge cluster. items: description: |- IPv4 or IPv6 address format: ip type: string readOnly: true title: |- Remote tunnel endpoint IP addresses. type: array type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Edge Cluster. title: |- Edge Cluster x-vmw-nsx-module: PolicyEnforcementPointManagement PolicyEdgeClusterInterSiteBgpSummary: allOf: - $ref: '#/definitions/ListResult' - properties: edge_cluster_path: description: |- Edge cluster path whose status is being reported. readOnly: true title: |- Edge node path type: string edge_nodes: description: |- Status of all edge nodes within cluster. items: $ref: '#/definitions/PolicyEdgeNodeInterSiteBgpSummary' readOnly: true title: |- Individual edge nodes status type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PolicyEdgeClusterInterSiteStatus: properties: edge_cluster_name: description: |- Name of the edge cluster whose status is being reported. readOnly: true title: |- Edge cluster name type: string edge_cluster_path: description: |- Policy path of the edge cluster whose status is being reported. readOnly: true title: |- Edge cluster path type: string last_update_timestamp: description: | Timestamp when the edge cluster inter-site status was last updated. format: int64 readOnly: true type: integer member_status: description: |- Per edge node inter-site status. items: $ref: '#/definitions/PolicyEdgeClusterMemberInterSiteStatus' readOnly: true title: |- Per edge node inter-site status type: array overall_status: description: | Overall status of all edge nodes IBGP status in the edge cluster. enum: - UP - DOWN - DEGRADED - UNKNOWN readOnly: true title: |- Overall IBGP status in the edge cluster type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics PolicyEdgeClusterListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Edge Cluster list result. items: $ref: '#/definitions/PolicyEdgeCluster' title: |- Edge Cluster List Result type: array required: - results type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Paged Collection of Edge Cluster title: |- Paged Collection of Edge Cluster x-vmw-nsx-module: PolicyEnforcementPointManagement PolicyEdgeClusterMemberInterSiteStatus: properties: edge_node_path: $ref: '#/definitions/ResourceReference' established_bgp_sessions: description: |- Total number of current established inter-site IBGP sessions. format: int64 readOnly: true title: |- Established inter-site IBGP sessions type: integer neighbor_status: description: |- Inter-site BGP neighbor status. items: $ref: '#/definitions/PolicyBgpNeighborStatus' readOnly: true title: |- BGP neighbor status type: array status: description: |- Edge node IBGP status enum: - UP - DOWN - DEGRADED - UNKNOWN readOnly: true title: |- Edge node IBGP status type: string total_bgp_sessions: description: |- Total number of inter-site IBGP sessions. format: int64 readOnly: true title: |- Total inter-site IBGP sessions type: integer type: object x-vmw-nsx-module: PolicyConnectivityStatistics PolicyEdgeNode: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: member_index: description: | The numerical value of the member index in the edge cluster that this object represents and to which the edge node connects. format: int64 readOnly: true title: |- Member Index type: integer nsx_id: description: |- UUID of edge node on NSX-T enforcement point. readOnly: true title: |- Edge Node UUID on NSX-T Enforcement Point type: string type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: | This object serves as a representation of the edge cluster index to which the edge node connects. It should not be mistaken for the edge / transport node itself. Consuming services can refer to the nsx_id property to fetch the UUID of the edge / transport node that is attached to this index. title: |- Policy Edge Node x-vmw-nsx-module: PolicyEnforcementPointManagement PolicyEdgeNodeInterSiteBgpSummary: properties: edge_node_path: description: |- Edge node path whose status is being reported. readOnly: true title: |- Edge node path type: string last_update_timestamp: description: | Timestamp when the inter-site IBGP neighbors status was last updated. format: int64 readOnly: true type: integer neighbor_status: description: |- Status of all inter-site IBGP neighbors. items: $ref: '#/definitions/PolicyBgpNeighborStatus' readOnly: true title: |- Inter-site IBGP neighbors status type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics PolicyEdgeNodeListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Edge Node list result. items: $ref: '#/definitions/PolicyEdgeNode' title: |- Edge Node List Result type: array required: - results type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Paged Collection of Edge Node title: |- Paged Collection of Edge Node x-vmw-nsx-module: PolicyEnforcementPointManagement PolicyExcludeList: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: members: description: |- List of the members in the exclude list items: type: string maxItems: 100 title: |- ExcludeList member list type: array required: - members type: object x-vmw-nsx-module: PolicyFirewallConfiguration x-vmw-nsx-module: PolicyFirewallConfiguration PolicyExtraConfig: description: | Extra config is intended for supporting vendor specific configuration on the data path, it can be set as key value string pairs on logical switch, logical port or HostSwitch. If it was set on logical switch, it will be inherited automatically by logical ports in it. Also logical port setting will override logical switch setting if specific key was dual set on both logical switch and logical port. properties: config_pair: $ref: '#/definitions/UnboundedKeyValuePair' required: - config_pair title: |- Vendor specific configuration on HostSwitch, logical switch or logical port type: object x-vmw-nsx-module: PolicyExtraConfigHostSwitchProfile PolicyExtraConfigHostSwitchProfile: allOf: - $ref: '#/definitions/PolicyBaseHostSwitchProfile' - properties: extra_configs: description: |- list of extra configs items: $ref: '#/definitions/PolicyExtraConfig' title: |- list of extra configs type: array type: object x-vmw-nsx-module: PolicyExtraConfigHostSwitchProfile description: |- Profile for extra configs in host switch title: |- Profile for extra configs in host switch x-vmw-nsx-module: PolicyExtraConfigHostSwitchProfile PolicyFineTuningResourceInfo: description: | It represent the resource with details of name and fields it owns. properties: fields: description: |- List of all field of any resource items: $ref: '#/definitions/PolicyFineTuningResourceInfoDetail' title: |- List of all field of any resource type: array resource_name: description: | It will represent resource with name and fields. title: |- Resource name type: string required: - fields - resource_name title: |- Contains the detail of resources with name and fields type: object x-vmw-nsx-module: PolicyFineTuning PolicyFineTuningResourceInfoDetail: description: | Contains the details of resource field properties: field_name: description: | It will represent resource with name and fields. title: |- Resource name type: string sub_type: $ref: '#/definitions/PolicyFineTuningResourceInfo' required: - field_name - sub_type title: |- Contains the details resources with field type and name type: object x-vmw-nsx-module: PolicyFineTuning PolicyFirewallCPUMemThresholdsProfileBindingMap: allOf: - $ref: '#/definitions/ProfileBindingMap' - properties: sequence_number: description: | Sequence number is used to resolve conflicts when two profiles get applied to a single node. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number. format: int64 maximum: 4294967295 minimum: 0 title: |- Sequence number of this profile binding map type: integer transport_nodes: description: | References of transport nodes on which the profile intended to be applied. items: $ref: '#/definitions/PolicyResourceReference' title: |- References of transport nodes type: array required: - sequence_number type: object x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding description: | This entity will be used to establish association between CPU Memory Thresholds Profile and Transport Node. Using this entity, user can specify intent for applying Firewall CPU Memory Thresholds Profile to particular Transport Node. title: |- Policy DFW CPU Memory Thresholds Profile binding map x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding PolicyFirewallCPUMemThresholdsProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Firewall CPU Memory Thresholds Profile Binding Map list results items: $ref: '#/definitions/PolicyFirewallCPUMemThresholdsProfileBindingMap' title: |- Firewall CPU Memory Thresholds Profile Binding Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding description: |- Paged collection of Firewall CPU Memory Thresholds Profile Binding Maps title: |- Paged collection of Firewall CPU Memory Thresholds Profile Binding Maps x-vmw-nsx-module: PolicyFirewallCPUMemThresholdsProfileBinding PolicyFirewallCpuMemThresholdsProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cpu_threshold_percentage: default: 90 description: | CPU utilization thresholds percentage to monitor and report for distributed firewall. format: int64 maximum: 100 minimum: 10 title: |- CPU utilization thresholds percentage type: integer mem_threshold_percentage: default: 90 description: | Heap memory thresholds percentage to monitor and report for distributed firewall. format: int64 maximum: 100 minimum: 10 title: |- Heap memory thresholds utilization percentage type: integer required: - mem_threshold_percentage - cpu_threshold_percentage type: object x-vmw-nsx-module: PolicyProfile description: |- A profile holding CPU and memory thresholds configuration. title: |- Firewall CPU and memory thresholds profile x-vmw-nsx-module: PolicyProfile PolicyFirewallCpuMemThresholdsProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- PolicyFirewallCpuMemThresholdsProfile list results items: $ref: '#/definitions/PolicyFirewallCpuMemThresholdsProfile' title: |- PolicyFirewallCpuMemThresholdsProfile list results type: array required: - results type: object x-vmw-nsx-module: PolicyProfile description: |- Paged Collection of PolicyFirewallCpuMemThresholdsProfile title: |- Paged Collection of PolicyFirewallCpuMemThresholdsProfile x-vmw-nsx-module: PolicyProfile PolicyFirewallFloodProtectionProfileBindingMap: allOf: - $ref: '#/definitions/ProfileBindingMap' - properties: sequence_number: description: | Sequence number is used to resolve conflicts when two profiles get applied to a single port. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number. format: int64 title: |- Sequence number of this profile binding map. type: integer required: - sequence_number type: object x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding description: | This entity will be used to establish association between Firewall Flood Protection profile and Group. Using this entity, user can specify intent for applying Firewall Flood Protection profile to particular Group. title: |- Policy DFW Flood Protection Profile binding map x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding PolicyFirewallFloodProtectionProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Firewall Flood Protection Profile Binding Map list results items: $ref: '#/definitions/PolicyFirewallFloodProtectionProfileBindingMap' title: |- Firewall Flood Protection Profile Binding Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding description: |- Paged collection of Firewall Flood Protection Profile Binding Maps title: |- Paged collection of Firewall Flood Protection Profile Binding Maps x-vmw-nsx-module: PolicyFirewallFloodProtectionProfileBinding PolicyFirewallScheduler: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: days: description: | Days of week on which rules will be enforced. If property is omitted, then days of the week will not considered while calculating the firewall schedule. It should not be present when the recurring flag is false. items: description: |- Day on which scheduled firewall rule will be enforced enum: - SUNDAY - MONDAY - TUESDAY - WEDNESDAY - THURSDAY - FRIDAY - SATURDAY type: string title: |- Days of the week type: array end_date: description: | End date on which schedule to end. Example, 12/22/2019. title: |- End date in MM/DD/YYYY type: string end_time: description: | If recurring field is set false, then this field must be present. The schedule will be enforced till the end time of the specified end date. If recurring field is set true, then this field should not be present. title: |- End time type: string recurring: default: true description: | Flag to indicate whether firewall schedule recurs or not. The default value is true and it should be set to false when the firewall schedule does not recur and is a one time time interval. title: |- Firewall schedule recurring flag type: boolean start_date: description: | Start date on which schedule to start. Example, 02/22/2019. title: |- Start date in MM/DD/YYYY type: string start_time: description: | Time in 24 hour and minutes in multiple of 30. Example, 9:00. If recurring field is set false, then this field must be present. The schedule will start getting enforced from the start time of the specified start date. If recurring field is set true, then this field should not be present. title: |- Start time type: string time_interval: description: | The recurring time interval in a day during which the schedule will be applicable. It should not be present when the recurring flag is false. items: $ref: '#/definitions/PolicyTimeIntervalValue' maxItems: 1 title: |- Recurring time interval type: array timezone: description: | Host Timezone to be used to enforce firewall rules. enum: - UTC - LOCAL title: |- Host timezone type: string required: - timezone - recurring - start_date - end_date type: object x-vmw-nsx-module: PolicyFirewallScheduler description: | An entity that encapsulates attributes to schedule firewall rules to be active to allow or block traffic for a specific period of time. Note that at least one property out of "days", "start_time", "end_time", "start_date", "end_date" is required. title: |- Policy Firewall Scheduler entity x-vmw-nsx-module: PolicyFirewallScheduler PolicyFirewallSchedulerListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged collection of PolicyFirewallSchedulers items: $ref: '#/definitions/PolicyFirewallScheduler' readOnly: true title: |- Paged collection of PolicyFirewallSchedulers type: array type: object x-vmw-nsx-module: PolicyFirewallScheduler description: |- List result of PolicyFirewallSchedulers title: |- List result of PolicyFirewallSchedulers x-vmw-nsx-module: PolicyFirewallScheduler PolicyFirewallSessionTimerProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: icmp_error_reply: default: 10 description: |- The timeout value for the connection after an ICMP error came back in response to an ICMP packet. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 10 readOnly: false title: |- Timeout after ICMP error type: integer icmp_first_packet: default: 20 description: |- The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new ICMP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 10 readOnly: false title: |- First packet connection timeout type: integer tcp_closed: default: 20 description: |- The timeout value of connection in seconds after one endpoint sends an RST. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 10 readOnly: false title: |- Timeout after RST type: integer tcp_closing: default: 120 description: |- The timeout value of connection in seconds after the first FIN has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 10 readOnly: false title: |- Timeout after first TN type: integer tcp_established: default: 43200 description: |- The timeout value of connection in seconds once the connection has become fully established. The default value for Edges (i.e, Gateway,or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 120 readOnly: false title: |- Connection timeout type: integer tcp_finwait: default: 45 description: |- The timeout value of connection in seconds after both FINs have been exchanged and connection is closed. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 10 readOnly: false title: |- Timeout after FINs exchanged type: integer tcp_first_packet: default: 120 description: |- The timeout value of connection in seconds after the first packet has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 10 readOnly: false title: |- Connection timout after first packet type: integer tcp_opening: default: 30 description: |- The timeout value of connection in seconds after a second packet has been transferred. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 10 readOnly: false title: |- Connection timout after second packet type: integer udp_first_packet: default: 60 description: |- The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new UDP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 10 readOnly: false title: |- Connection timout after first packet type: integer udp_multiple: default: 60 description: |- The timeout value of connection in seconds if both hosts have sent packets. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 10 readOnly: false title: |- Timeout after hosts sent packet type: integer udp_single: default: 30 description: |- The timeout value of connection in seconds if the source host sends more than one packet but the destination host has never sent one back. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts. format: int64 maximum: 4320000 minimum: 10 readOnly: false title: |- Connection timeout for destination type: integer required: - tcp_closed - tcp_opening - udp_single - tcp_finwait - tcp_first_packet - tcp_closing - tcp_established - udp_multiple - icmp_error_reply - udp_first_packet - icmp_first_packet type: object x-vmw-nsx-module: PolicyFirewallSessionTimerProfile description: |- A profile holding TCP, UDP and ICMP session timeout configuration. title: |- Policy Firewall Session timeout profile x-vmw-nsx-module: PolicyFirewallSessionTimerProfile PolicyFirewallSessionTimerProfileBindingMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: firewall_session_timer_profile_path: description: |- PolicyPath of associated Firewall Timer Session Profile title: |- Firewall Session Timer Profile Path type: string sequence_number: description: | Sequence number is used to resolve conflicts when two profiles get applied to a single port. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number. format: int64 title: |- Sequence number of this profile binding map. type: integer required: - firewall_session_timer_profile_path type: object x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding description: | This entity will be used to establish association between Firewall Timer session profile and Group. Using this entity, user can specify intent for applying Firewall Timer session profile to particular Group. title: |- Policy DFW Timer Session Profile binding map x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding PolicyFirewallSessionTimerProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Firewall Session Timer Profile Binding Map list results items: $ref: '#/definitions/PolicyFirewallSessionTimerProfileBindingMap' title: |- Firewall Session Timer Profile Binding Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding description: |- Paged collection of Firewall Session Timer Profile Binding Maps title: |- Paged collection of Firewall Session Timer Profile Binding Maps x-vmw-nsx-module: PolicyFirewallSessionTimerProfileBinding PolicyFirewallSessionTimerProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Policy Firewall Session timeout profile list results items: $ref: '#/definitions/PolicyFirewallSessionTimerProfile' title: |- Policy Firewall Session timeout profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyFirewallSessionTimerProfile description: |- Paged Collection of Policy Firewall Session timeout profiles title: |- Paged Collection of Policy Firewall Session timeout profiles x-vmw-nsx-module: PolicyFirewallSessionTimerProfile PolicyGroupIPMembersListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of IP addresses that belong to the given Group items: description: | IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64" format: address-or-block-or-range type: string title: |- Paged Collection of IP addresses that belong to the given Group type: array required: - results type: object x-vmw-nsx-module: PolicyGroupRealization description: | Paginated collection of IP members belonging to a Group. title: |- Group IP members list result x-vmw-nsx-module: PolicyGroupRealization PolicyGroupMemberDetails: description: | Details of the member belonging to a Group properties: display_name: description: |- The display name of the member on the enforcement point readOnly: true title: |- The display name of the member on the enforcement point type: string id: description: |- The ID of the member on the enforcement point readOnly: true title: |- The ID of the member on the enforcement point type: string path: description: |- The path of the member, if relevant readOnly: true title: |- The path of the member, if relevant type: string title: |- Group member details type: object x-vmw-nsx-module: PolicyGroupRealization PolicyGroupMembersListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of members that belong to the given Group items: $ref: '#/definitions/PolicyGroupMemberDetails' title: |- Paged Collection of members that belong to the given Group type: array required: - results type: object x-vmw-nsx-module: PolicyGroupRealization description: | Paginated collection of members belonging to a Group. title: |- Group members list result x-vmw-nsx-module: PolicyGroupRealization PolicyHostInfraTrafficType: description: | The traffic_name specifies the infrastructure traffic type and it must be one of the following system-defined types: FAULT_TOLERANCE is traffic for failover and recovery. HBR is traffic for Host based replication. ISCSI is traffic for Internet Small Computer System Interface. MANAGEMENT is traffic for host management. NFS is traffic related to file transfer in network file system. VDP is traffic for vSphere data protection. VIRTUAL_MACHINE is traffic generated by virtual machines. VMOTION is traffic for computing resource migration. VSAN is traffic generated by virtual storage area network. The dynamic_res_pool_name provides a name for the resource pool. It can be any arbitrary string. Either traffic_name or dynamic_res_pool_name must be set. If both are specified or omitted, an error will be returned. properties: dynamic_res_pool_name: description: |- Dynamic resource pool traffic name title: |- Dynamic resource pool traffic name type: string traffic_name: description: |- Traffic types enum: - FAULT_TOLERANCE - HBR - ISCSI - MANAGEMENT - NFS - VDP - VIRTUAL_MACHINE - VMOTION - VSAN title: |- Traffic types type: string title: |- Enumerate all types of traffic type: object x-vmw-nsx-module: PolicyNiocProfile PolicyHostSwitchProfilesListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- HostSwitch Profile Results items: $ref: '#/definitions/PolicyBaseHostSwitchProfile' readOnly: true title: |- HostSwitch Profile Results type: array type: object x-vmw-nsx-module: PolicyBaseHostSwitchProfile description: |- HostSwitch Profile queries result title: |- HostSwitch Profile queries result x-vmw-nsx-module: PolicyBaseHostSwitchProfile PolicyHostTransportNodeProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: host_switch_spec: $ref: '#/definitions/HostSwitchSpec' ignore_overridden_hosts: default: false description: | Host Transport Node Profiles specify the configuration that is applied to all hosts in a cluster. The user has the ability to update the configuration on individual hosts within a cluster which will cause the host configuration to differ from the Host Transport Node Profile and results in the host to be marked as overridden. If a Host Transport Node Profile is edited or a new Host Transport Node Profile is applied on a Host Transport Node Collection, by default, the host configuration will be overwritten with the Host Transport Node Profile configuration and the overridden flag will be reset to false. This flag should be used when hosts that are set as overridden should not adopt the Host Transport Node Profile configuration when it is being updated or a new one is applied to the Host Transport Node Collection. In other words, when this flag is set to the default value of false and configuration is applied at the cluster level, the configuration will be applied on all hosts regardless if overridden or not. When this flag is set to true, all hosts that are set as overridden, i.e., have been updated invidivually, will be ignored and the cluster-level configuration will not be applied. Note, Host Transport Node Profiles can be applied on multiple clusters. This field will dictate the behavior followed by all clusters using this Host Transport Node Profile. title: |- Determines if cluster-level configuration should be applied on overridden hosts type: boolean type: object x-vmw-nsx-module: PolicyHostTransportNodeProfile description: |- Host Transport Node Profile title: |- Host Transport Node Profile x-vmw-nsx-module: PolicyHostTransportNodeProfile PolicyHostTransportNodeProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- PolicyHostTransportNodeProfile Results items: $ref: '#/definitions/PolicyHostTransportNodeProfile' readOnly: true title: |- PolicyHostTransportNodeProfile Results type: array type: object x-vmw-nsx-module: PolicyHostTransportNodeProfile description: |- Host Transport Node Profile queries result title: |- Host Transport Node Profile queries result x-vmw-nsx-module: PolicyHostTransportNodeProfile PolicyIPAddressInfo: description: | Used to specify the display name and value of the IPv4Address. properties: address_value: description: | Value of the IPv4Address. format: ipv4 type: string display_name: description: | Display name used to help identify the IPv4Address. title: |- Display name of the IPv4Address type: string next_hop: description: | Next hop used in auto-plumbing of static route. If a value is not provided, static route will not be auto-plumbed. format: ipv4 type: string required: - address_value title: |- IP address information type: object x-vmw-nsx-module: PolicyL3Vpn PolicyIdfwGroupVmDetailListResult: allOf: - $ref: '#/definitions/ListResult' - properties: group_path: description: |- String Path of the group title: |- String Path of the group type: string results: description: |- List of user login/session data for a single VM items: $ref: '#/definitions/IdfwVmDetail' title: |- List of user login/session data for a single VM type: array type: object x-vmw-nsx-module: PolicyIdentity description: |- Identity Firewall user login/session data for a single Group. title: |- Identity Firewall user login/session data for a single Group x-vmw-nsx-module: PolicyIdentity PolicyIdsEventDataRequest: description: |- Filtering parameters to get only a subset of intrusion events. properties: filters: description: |- An array of filter conditions. items: $ref: '#/definitions/FilterRequest' title: |- Filter conditions type: array title: |- Parameters to filter list of intrusions type: object x-vmw-nsx-module: PolicyIDSMetrics PolicyIdsEventFlowData: description: | IDS event flow data specific to each IDS event. The data includes source ip, source port, destination ip, destination port, protocol, rule id, profile id, and the action. properties: action_type: description: |- The action pertaining to the detected intrusion. Possible values are ALERT, DROP, REJECT, and INVALID. ALERT - If there is a signature match on the packet, it is allowed to pass but a notification is sent to the user notifying an intrusion was detected. DROP - On a signature match, the packet is silently dropped. An alert is sent to the user that an intrusion was detected. REJECT - On a signature match, the packet is dropped and TCP RST or ICMP error messages (for non-TCP pkts) are sent to the endpoints. An alert is sent to the user that an intrusion was detected. INVALID - If the action doesn't belong to any of the above mentioned categories, it is marked as INVALID. enum: - ALERT - DROP - REJECT - INVALID readOnly: true title: |- IDS Event action type: string bytes_toclient: description: |- Bytes sent to client. format: int64 readOnly: true title: |- Bytes to client type: integer bytes_toserver: description: |- Bytes sent to server. format: int64 readOnly: true title: |- Bytes to server type: integer client_ip: description: |- IP address of the VM that initiated the communication. readOnly: true title: |- IP address of the client VM type: string destination_ip: description: |- IP address of the destination VM on the intrusion flow. readOnly: true title: |- IP address of the destination VM type: string destination_port: description: |- Port on the destination VM where the traffic was sent to. format: int64 readOnly: true title: |- Destination port type: integer gateway: description: |- Name of the gateway on which this intrusion was detected. readOnly: true title: |- Gateway where the intrusion was detected at type: string gateway_tags: description: |- Tags associated with the gateway on which this intrusion was detected. items: $ref: '#/definitions/Tag' readOnly: true title: |- Tags associated with the gateway type: array host: description: |- Name of the host on which this intrusion was detected. readOnly: true title: |- Host where intrusion was seen type: string local_vm_ip: description: |- IP address of VM on the host where IDS engine is running. readOnly: true title: |- IP address of the local VM type: string profile_id: description: |- The IDS profile id that is associated with the IDS rule pertaining to the intrusion event detected. readOnly: true title: |- IDS profile id type: string protocol: description: |- Traffic protocol pertaining to the detected intrusion, could be TCP/UDP etc. readOnly: true title: |- Traffic protocol pertaining to the intrusion type: string rule_id: description: |- The IDS Rule id pertaining to the detected intrusion. format: int64 readOnly: true title: |- IDS Rule id of detected intrusion type: integer source_ip: description: |- IP address of the source VM on the intrusion flow. readOnly: true title: |- IP address of the source VM type: string source_port: description: |- Source port through which traffic was initiated that caused the intrusion to be detected. format: int64 readOnly: true title: |- Source port type: integer traffic_type: description: |- The source where the intrusion was detected. Possible values are GATEWAY and HOST. enum: - GATEWAY - HOST readOnly: true title: |- IDS event detection source type: string title: |- IDS event flow data type: object x-vmw-nsx-module: PolicyIDSMetrics PolicyIdsEventsBySignature: description: | Intrusions that are detected, grouped by signature. It contains the signature id, severity, name, the number of intrusions of that type and the first occurence. properties: count: description: |- Number of times this particular signature was detected. format: int64 readOnly: true title: |- Number of times signature was seen type: integer first_occurence: description: |- First occurence of the intrusion, in epoch milliseconds. format: int64 readOnly: true type: integer is_ongoing: description: |- Flag indicating an ongoing intrusion. readOnly: true title: |- Flag indicating an ongoing intrusion type: boolean resource_type: description: |- IDSEvent resource type. readOnly: true title: |- IDSEvent resource type type: string severity: description: |- Severity of the threat covered by the signature, can be Critical, High, Medium, or Low. readOnly: true title: |- Severity of the signature type: string signature_id: description: |- Signature ID pertaining to the detected intrusion. format: int64 readOnly: true title: |- Signature ID type: integer signature_name: description: |- Name of the signature pertaining to the detected intrusion. readOnly: true title: |- Name of the signature type: string traffic_type: description: |- The source where the intrusion was detected. Possible values are GATEWAY and HOST. enum: - GATEWAY - HOST readOnly: true title: |- IDS event detection source type: string title: |- Detcted intrusions grouped by signature type: object x-vmw-nsx-module: PolicyIDSMetrics PolicyIdsEventsBySignatureResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of all intrusions detected, grouped by signature. The details include signature id, name, severity, timestamp, and total number of attempts per signature. items: $ref: '#/definitions/PolicyIdsEventsBySignature' readOnly: true title: |- List of all intrusions detected type: array type: object x-vmw-nsx-module: PolicyIDSMetrics description: | List of all intrusions that are detected grouped by signature, it contains minimal details about the intrusions. title: |- List of intrusions grouped by signature x-vmw-nsx-module: PolicyIDSMetrics PolicyIdsEventsSummary: description: | Intrusion event with all the event and signature details, each event contains the signature id, name, severity, first and recent occurence, users and VMs affected and other signature metadata. properties: affected_ip_count: description: |- Count of workload IPs on which a particular signature was detected. format: int64 readOnly: true title: |- Count of workload IPs this signature was detected on type: integer affected_vm_count: description: |- Count of VMs on which a particular signature was detected. format: int64 readOnly: true title: |- Count of VMs this signature was detected on type: integer first_occurence: description: |- First occurence of the intrusion, in epoch milliseconds. format: int64 readOnly: true type: integer ids_flow_details: description: |- IDS event flow data specific to each IDS event. The data includes source ip, source port, destination ip, destination port, and protocol. items: $ref: '#/definitions/PolicyIdsEventFlowData' readOnly: true title: |- IDS event flow data details type: object is_ongoing: description: |- Flag indicating an ongoing intrusion. readOnly: true title: |- Flag indicating an ongoing intrusion type: boolean is_rule_valid: description: |- Indicates if the rule id is valid or not. readOnly: true title: |- Is the rule id valid type: boolean latest_occurence: description: |- Latest occurence of the intrusion, in epoch milliseconds. format: int64 readOnly: true type: integer resource_type: description: |- IDSEvent resource type. readOnly: true title: |- IDSEvent resource type type: string rule_id: description: |- The IDS Rule id that detected this particular intrusion. format: int64 readOnly: true title: |- IDS Rule id of detected intrusion type: integer signature_id: description: |- Signature ID pertaining to the detected intrusion. format: int64 readOnly: true title: |- Signature ID type: integer signature_metadata: description: |- Metadata about the detected signature including name, id, severity, product affected, protocol etc. items: $ref: '#/definitions/IdsSignature' readOnly: true title: |- Metadata about the detected signature type: object total_count: description: |- Number of times this particular signature was detected. format: int64 readOnly: true title: |- Number of occurrences of this signature type: integer user_details: description: |- List of users logged into VMs on which a particular signature was detected. items: $ref: '#/definitions/PolicyIdsUserStats' readOnly: true title: |- List of users on the affected VMs type: object vm_details: description: |- List of VMs on which a particular signature was detected with the count. items: $ref: '#/definitions/PolicyIdsVmStats' readOnly: true title: |- List of VMs this signature was seen type: object title: |- Intrusions with event and signature data type: object x-vmw-nsx-module: PolicyIDSMetrics PolicyIdsIpList: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of all affected IP addresses specific to a particular signature. items: description: |- IPv4 or IPv6 address format: ip type: string readOnly: true title: |- List of all affected IP addresses type: array type: object x-vmw-nsx-module: PolicyIDSMetrics description: | List of all affected IP addresses pertaining to a specific signature for intrusion events seen on edge. title: |- List of affected IP addresses x-vmw-nsx-module: PolicyIDSMetrics PolicyIdsSummaryListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged collection of the detected intrusions. items: $ref: '#/definitions/PolicyIdsEventsSummary' maxItems: 100 readOnly: true title: |- Paged collection of intrusions type: array type: object x-vmw-nsx-module: PolicyIDSMetrics description: | List of all intrusions that are detected grouped by signature with their summary. title: |- List of intrusions with their summary x-vmw-nsx-module: PolicyIDSMetrics PolicyIdsUserList: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of all affected users specific to a particular signature. items: type: string readOnly: true title: |- List of all affected users type: array type: object x-vmw-nsx-module: PolicyIDSMetrics description: | List of all affected users pertaining to a specific signature. title: |- List of affected Users x-vmw-nsx-module: PolicyIDSMetrics PolicyIdsUserStats: description: | List of Users logged into VMs where intrusions of a given signature were detected. properties: count: description: |- Number of unique users logged into VMs on which a particular signature was detected. format: int64 readOnly: true title: |- Number of unique users type: integer user_list: description: |- List of users logged into VMs on which a particular signature was detected. items: type: string readOnly: true title: |- List of users type: array title: |- List of Users type: object x-vmw-nsx-module: PolicyIDSMetrics PolicyIdsVmList: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of all affected VMs specific to a particular signature. items: type: string readOnly: true title: |- List of all affected VMs type: array type: object x-vmw-nsx-module: PolicyIDSMetrics description: | List of all affected VMs pertaining to a specific signature for intrusion events seen on host. title: |- List of affected VMs x-vmw-nsx-module: PolicyIDSMetrics PolicyIdsVmStats: description: | List of VMs on which a particular signature was detected with the count. properties: count: description: |- Number of unique VMs on which a particular signature was detected. format: int64 readOnly: true title: |- Number of unique VMs type: integer vm_list: description: |- List of VM names on which intrusions of that particular signature type were detected. items: type: string readOnly: true title: |- List of VM names type: array title: |- List of VMs where signature was detected type: object x-vmw-nsx-module: PolicyIDSMetrics PolicyIgmpProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: last_member_query_interval: default: 1 description: | Max Response Time inserted into Group-Specific Queries sent in response to Leave Group messages, and is also the amount of time between Group-Specific Query messages. This value may be tuned to modify the "leave latency" of the network. A reduced value results in reduced time to detect the loss of the last member of a group. format: int32 maximum: 25 minimum: 1 title: |- Max Response Time type: integer query_interval: default: 30 description: | Interval(seconds) between general IGMP host-query messages. format: int32 maximum: 1800 minimum: 1 title: |- Interval between general IGMP host-query messages type: integer query_max_response_time: default: 10 description: | The query response interval(seconds) is the maximum amount of time that can elapse between when the querier router sends a host-query message and when it receives a response from a host. Configuring this interval allows admins to adjust the burstiness of IGMP messages on the subnet; larger values make the traffic less bursty, as host responses are spread out over a larger interval. The number of seconds represented by the query_max_response_time must be less than the query_interval. format: int32 maximum: 25 minimum: 1 title: |- The maximum elapsed time between response type: integer robustness_variable: default: 2 description: | The Robustness Variable allows tuning for the expected packet loss on a subnet. If a subnet is expected to be lossy, the Robustness Variable may be increased. IGMP is robust to (Robustness Variable-1) packet losses. The Robustness Variable must not be zero, and SHOULD NOT be one. format: int32 maximum: 255 minimum: 1 title: |- The Robustness Variable type: integer type: object x-vmw-nsx-module: PolicyMulticast description: |- IGMP profile. title: |- IGMP Profile x-vmw-nsx-module: PolicyMulticast PolicyIgmpProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Igmp Profile list results items: $ref: '#/definitions/PolicyIgmpProfile' title: |- Igmp Profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyMulticast description: |- Collection of Igmp Profile. title: |- Paged Collection of Igmp Profile x-vmw-nsx-module: PolicyMulticast PolicyInsertParameters: description: | Parameters to let the admin specify a relative position of a security policy or rule w.r.t to another one. properties: anchor_path: description: | The security policy/rule path if operation is 'insert_after' or 'insert_before' title: | The security policy/rule path if operation is 'insert_after' or 'insert_before' type: string operation: default: insert_top description: |- Operation enum: - insert_top - insert_bottom - insert_after - insert_before title: |- Operation type: string title: | Parameters to tell where security policy/rule needs to be placed type: object x-vmw-nsx-module: Policy PolicyInterfaceOspfConfig: description: |- OSPF Interface configuration. properties: bfd_path: description: | This filed is valid only if enable_bfd is set to TRUE. If enable_bfd flag is set to TRUE, this profile will be applied to all OSPF peers in this interface. If this field is empty, bfd_path will refer to Tier-0 global BFD profile. title: |- Policy path of BFD profile type: string dead_interval: default: 40 description: | Specifies the number of seconds that router must wait before it declares a OSPF neighbor router down because it has not received OSPF hello packet. OSPF dead interval should be minimum 3 times greater than the hello interval format: int32 maximum: 65535 minimum: 3 title: |- OSPF dead interval in seconds type: integer enable_bfd: description: | Enable/Disable OSPF to register for BFD event. Use FALSE to disable BFD. title: |- enable BFD for OSPF type: boolean enabled: default: true description: | enable/disable OSPF on the interface. If enabled flag not specified, defailt is enable OSPF. title: |- enable/disable OSPF type: boolean hello_interval: default: 10 description: | Specifies the interval between the hello packets that OSPF sends on this interface. OSPF hello interval should be less than the dead interval format: int32 maximum: 21845 minimum: 1 title: |- OSPF hello interval in seconds type: integer network_type: default: BROADCAST description: | Configure OSPF networkt type, default is BROADCAST network type enum: - BROADCAST - P2P title: |- Configure OSPF networkt type type: string ospf_area: description: | Attache Tier0 Interface to specified OSPF Area. all peers. title: |- Attach Tier0 Interface to specified OSPF Area type: string required: - ospf_area title: |- OSPF Interface configuration type: object x-vmw-nsx-module: PolicyConnectivity PolicyInterfaceStatistics: allOf: - $ref: '#/definitions/LogicalRouterPortStatistics' - type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: |- Tier0 or Tier1 interface statistics on specific Enforcement Point. title: |- Tier0 or Tier1 interface statistics on specific Enforcement Point x-vmw-nsx-module: PolicyConnectivityStatistics PolicyInterfaceStatisticsSummary: allOf: - $ref: '#/definitions/LogicalRouterPortStatisticsSummary' - properties: interface_policy_path: description: |- Policy path for the interface title: |- Policy path for the interface type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: |- Tier0 or Tier1 interface statistics on specific Enforcement Point. title: |- Tier0 or Tier1 interface statistics on specific Enforcement Point x-vmw-nsx-module: PolicyConnectivityStatistics PolicyIpsecVpnIkeServiceSummary: allOf: - $ref: '#/definitions/PolicyIpsecVpnSessionSummary' - properties: display_name: description: |- Display name of IPSec VPN service readOnly: true title: |- Display name of IPSec VPN service type: string enforcement_point_path: description: | Policy Path referencing the Primary site's enforcement point where the info is fetched. This is applicable only on a GlobalManager. readOnly: true title: |- Enforcement point Path type: string ipsec_vpn_service_path: description: |- Policy path of IPSec VPN service readOnly: true title: |- Policy path of IPSec VPN service type: string type: object x-vmw-nsx-module: PolicyVpnStats description: |- Summarized view of all IPSec VPN sessions for a specified service. title: |- IPSec VPN IKE service summary x-vmw-nsx-module: PolicyVpnStats PolicyIpsecVpnSessionSummary: description: |- Summarized view of all selected IPSec VPN sessions. properties: aggregate_traffic_counters: $ref: '#/definitions/IPSecVPNTrafficCounters' last_update_timestamp: description: |- Timestamp when the data was last updated. format: int64 readOnly: true type: integer session_summary: $ref: '#/definitions/IPsecVPNIKESessionSummary' traffic_summary_per_session: description: |- Traffic summary per session. items: $ref: '#/definitions/IPSecVPNSessionTrafficSummary' title: |- Traffic summary type: array title: |- IPSec VPN session summary type: object x-vmw-nsx-module: PolicyVpnStats PolicyLabel: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: refs: description: |- Policy entity paths referred by the label instance items: type: string title: |- Policy entity paths referred by the label instance type: array type: description: |- Policy intent entity type from PolicyResourceType title: |- Policy intent entity type from PolicyResourceType type: string required: - type type: object x-vmw-nsx-module: PolicyLabel description: |- Label to reference group of policy entities of same type. title: |- Label to reference group of policy entities of same type. x-vmw-nsx-module: PolicyLabel PolicyLabelListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Policy label list results items: $ref: '#/definitions/PolicyLabel' title: |- Policy label list results type: array required: - results type: object x-vmw-nsx-module: PolicyLabel description: |- Paged Collection of Domains title: |- Paged Collection of Domains x-vmw-nsx-module: PolicyLabel PolicyLatencyStatProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: applied_to_group_path: description: | The Policy group path to apply the latency profile. title: |- Binding Policy group path type: string pnic_latency_enabled: default: false description: | Enable or Disable pnic latency. readOnly: false title: |- Pnic latency enablement flag type: boolean sampling_interval: description: | Event nth milliseconds packet is sampled. When a value less than 1000 is given, the realized sampling interval will be 1000 milliseconds. format: int64 maximum: 1000000 minimum: 1 title: |- Latency sampling interval type: integer sampling_rate: description: | Event nth packet is sampled. format: int64 maximum: 1000000 minimum: 100 title: |- Latency sampling rate type: integer type: object x-vmw-nsx-module: PolicyLatency description: | Latency stat service profile title: |- Latency Stat Profile x-vmw-nsx-module: PolicyLatency PolicyLatencyStatProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Latency stat profile list. items: $ref: '#/definitions/PolicyLatencyStatProfile' readOnly: true title: |- Latency Stat Profile List type: array type: object x-vmw-nsx-module: PolicyLatency description: |- List of latency profile title: |- List of latency profile x-vmw-nsx-module: PolicyLatency PolicyListResult: allOf: - $ref: '#/definitions/ListResult' - type: object x-vmw-nsx-module: Policy description: |- Paged Collection of security policies title: |- Paged Collection of security policies x-vmw-nsx-module: Policy PolicyLiveTraceActionConfig: description: |- Livetrace action configuration properties: pktcap_config: $ref: '#/definitions/LiveTracePacketGranularActionConfig' trace_config: $ref: '#/definitions/LiveTracePacketGranularActionConfig' title: |- Livetrace action configuration type: object x-vmw-nsx-module: PolicyConnectivity PolicyLldpHostSwitchProfile: allOf: - $ref: '#/definitions/PolicyBaseHostSwitchProfile' - properties: send_enabled: description: |- Enabled or disabled sending LLDP packets title: |- Enabled or disabled sending LLDP packets type: boolean required: - send_enabled type: object x-vmw-nsx-module: PolicyLldpHostSwitchProfile description: |- Host Switch for LLDP title: |- Host Switch for LLDP x-vmw-nsx-module: PolicyLldpHostSwitchProfile PolicyMetadataProxyStatistics: properties: metadata_proxy_path: description: |- Policy path of metadata proxy configuration title: |- Policy path of metadata proxy configuration type: string statistics: description: |- Metadata Proxy statistics per segment items: $ref: '#/definitions/MetadataProxyStatisticsPerSegment' title: |- Metadata Proxy statistics per segment type: array timestamp: description: |- timestamp of the statistics format: int64 type: integer required: - timestamp - metadata_proxy_path type: object x-vmw-nsx-module: PolicyMetadataProxy PolicyMetadataProxyStatus: properties: error_message: description: |- Error message, if available title: |- Error message, if available type: string proxy_status: description: | UP means the metadata proxy is working fine on both transport-nodes(if configured); DOWN means the metadata proxy is is down on both transport-nodes(if configured), hence the metadata proxy will not repsond to any metadata request; Error means there is an error on transport-node(s) or no status is reported from transport-node(s). The metadata proxy may be working (or not working); NO_BACK means metadata proxy is working on one of the transport node while not in the other transport-node (if configured). If the metadata proxy on the working transport-node goes down, the metadata proxy will go down. enum: - UP - DOWN - ERROR - NO_BACKUP type: string transport_nodes: description: | Order of the transport nodes is insensitive because Metadata Proxy is running in Active-Active mode among target transport nodes. items: type: string title: |- ids of transport nodes where this metadata proxy is running type: array required: - proxy_status - transport_nodes type: object x-vmw-nsx-module: PolicyMetadataProxy PolicyMulticastConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enabled: default: false description: |- Enable/disable Multicast Configuration. title: |- Enable/disable Multicast Configuration type: boolean igmp_profile_path: description: | Updates to IGMP profile applied on all Tier0 gateways consuming the configuration. title: |- Policy path to IGMP profile type: string pim_profile_path: description: | Updates to PIM profile applied on all Tier0 gateways consuming the configuration. title: |- Policy path to PIM profile type: string replication_multicast_range: description: |- Replication multicast range. Required when enabled. format: ipv4-cidr-block title: |- Replication multicast range type: string type: object x-vmw-nsx-module: PolicyMulticast description: |- Multicast routing configuration. title: |- Multicast routing configuration x-vmw-nsx-module: PolicyMulticast PolicyMulticastForwarding: allOf: - $ref: '#/definitions/ListResult' - properties: gateway_path: description: | Policy path to Tier0 or Tier1 gateway. title: |- Policy path to Tier0 or Tier1 gateway type: string mcast_forwarding_per_edge: items: $ref: '#/definitions/MulticastForwardingPerEdge' type: array required: - gateway_path type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: | Multicast Forwarding. title: |- Multicast Forwarding x-vmw-nsx-module: PolicyConnectivityStatistics PolicyMulticastForwardingInCsvFormat: allOf: - $ref: '#/definitions/CsvListResult' - properties: results: items: $ref: '#/definitions/MulticastForwardingCsvRecord' readOnly: true type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PolicyMulticastRoutes: allOf: - $ref: '#/definitions/ListResult' - properties: gateway_path: description: | Policy path to Tier0 gateway. title: |- Policy path to Tier0 gateway type: string mcast_routes_per_edge: items: $ref: '#/definitions/MulticastRoutesPerEdge' type: array required: - gateway_path type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: | Multicast Routes. title: |- Multicast Routes x-vmw-nsx-module: PolicyConnectivityStatistics PolicyMulticastRoutesInCsvFormat: allOf: - $ref: '#/definitions/CsvListResult' - properties: results: items: $ref: '#/definitions/MulticastRouteCsvRecord' readOnly: true type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PolicyNATRuleCounters: description: | Gives the statistics count of a NAT rule. properties: active_sessions: description: | Gives the total number of active sessions. format: int64 readOnly: true title: |- Active sessions type: integer total_bytes: description: | Gives the total number of bytes. format: int64 readOnly: true title: |- Total bytes type: integer total_packets: description: | Gives the total number of packets. format: int64 readOnly: true title: |- Total packets type: integer title: |- Statistics count type: object x-vmw-nsx-module: PolicyNAT PolicyNat: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: nat_type: description: |- Represents a NAT section under tier-0/tier-1. enum: - INTERNAL - USER - DEFAULT - NAT64 title: |- NAT section under tier-0/tier-1 type: string type: object x-vmw-nsx-module: PolicyNAT description: | Represents NAT section. This object is created by default when corresponding tier-0/tier-1 is created. Under tier-0/tier-1 there will be 4 different NATs(sections). (INTERNAL, USER, DEFAULT and NAT64). title: |- Contains list of NAT Rules x-vmw-nsx-module: PolicyNAT PolicyNatListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- NAT list results items: $ref: '#/definitions/PolicyNat' title: |- NAT list results type: array required: - results type: object x-vmw-nsx-module: PolicyNAT description: |- Paged Collection of NAT Types title: |- Paged Collection of NAT Types x-vmw-nsx-module: PolicyNAT PolicyNatRule: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: action: description: | Source NAT(SNAT) - translates a source IP address in an outbound packet so that the packet appears to originate from a different network. SNAT is only supported when the logical router is running in active-standby mode. Destination NAT(DNAT) - translates the destination IP address of inbound packets so that packets are delivered to a target address into another network. DNAT is only supported when the logical router is running in active-standby mode. Reflexive NAT(REFLEXIVE) - IP-Range and CIDR are supported to define the "n". The number of original networks should be exactly the same as that of translated networks. The address translation is deterministic. Reflexive is supported on both Active/Standby and Active/Active LR. NO_SNAT and NO_DNAT - These do not have support for translated_fields, only source_network and destination_network fields are supported. NAT64 - translates an external IPv6 address to a internal IPv4 address. enum: - SNAT - DNAT - REFLEXIVE - NO_SNAT - NO_DNAT - NAT64 title: |- Represents action of NAT Rule SNAT, DNAT, REFLEXIVE type: string destination_network: description: | This supports single IP address or comma separated list of single IP addresses or CIDR. This does not support IP range or IP sets. For DNAT and NO_DNAT rules, this is a mandatory field, and represents the destination network for the incoming packets. For other type of rules, optionally it can contain destination network of outgoing packets. NULL value for this field represents ANY network. format: list-of-address-or-block-or-range type: string enabled: default: true description: | The flag, which suggests whether the NAT rule is enabled or disabled. The default is True. title: |- Policy NAT Rule enabled flag type: boolean firewall_match: default: MATCH_INTERNAL_ADDRESS description: | It indicates how the firewall matches the address after NATing if firewall stage is not skipped. MATCH_EXTERNAL_ADDRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done. MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done. BYPASS indicates the firewall stage will be skipped. For NO_SNAT or NO_DNAT, it must be BYPASS or leave it unassigned enum: - MATCH_EXTERNAL_ADDRESS - MATCH_INTERNAL_ADDRESS - BYPASS title: |- Represents the firewall match flag type: string logging: default: false description: | The flag, which suggests whether the logging of NAT rule is enabled or disabled. The default is False. title: |- Policy NAT Rule logging flag type: boolean scope: description: | Represents the array of policy paths of ProviderInterface or NetworkInterface or labels of type ProviderInterface or NetworkInterface or IPSecVpnSession on which the NAT rule should get enforced. The interfaces must belong to the same router for which the NAT Rule is created. items: type: string title: |- Array of policy paths of labels, ProviderInterface, NetworkInterface type: array sequence_number: default: 0 description: | The sequence_number decides the rule_priority of a NAT rule. Sequence_number and rule_priority have 1:1 mapping.For each NAT section, there will be reserved rule_priority numbers.The valid range of rule_priority number is from 0 to 2147483647(MAX_INT). 1. INTERNAL section rule_priority reserved from 0 - 1023 (1024 rules) valid sequence_number range 0 - 1023 2. USER section rule_priority reserved from 1024 - 2147482623 (2147481600 rules) valid sequence_number range 0 - 2147481599 3. DEFAULT section rule_priority reserved from 2147482624 - 2147483647 (1024 rules) valid sequence_number range 0 - 1023 format: int32 title: |- Sequence number of the Nat Rule type: integer service: description: | It represents the path of Service on which the NAT rule will be applied. If not provided or if it is blank then Policy manager will consider it as ANY. Please note, if this is a DNAT, the destination_port of the service will be realized on NSX Manager as the translated_port. And if this is a SNAT, the destination_port will be ignored. title: |- Represents the service on which the NAT rule will be applied type: string source_network: description: | This supports single IP address or comma separated list of single IP addresses or CIDR. This does not support IP range or IP sets. For SNAT, NO_SNAT, NAT64 and REFLEXIVE rules, this is a mandatory field and represents the source network of the packets leaving the network. For DNAT and NO_DNAT rules, optionally it can contain source network of incoming packets. NULL value for this field represents ANY network. format: list-of-address-or-block-or-range type: string translated_network: description: | This supports single IP address or comma separated list of single IP addresses or CIDR. This does not support IP range or IP sets. For SNAT, DNAT, NAT64 and REFLEXIVE rules, this ia a mandatory field, which represents the translated network address. For NO_SNAT and NO_DNAT this should be empty. format: list-of-address-or-block-or-range type: string translated_ports: description: | Please note, if there is service configured in this NAT rule, the translated_port will be realized on NSX Manager as the destination_port. If there is no sevice configured, the port will be ignored. format: port-or-range type: string required: - action type: object x-vmw-nsx-module: PolicyNAT description: |- Represents a NAT rule between source and destination at T0/T1 router. title: |- Represents a NAT rule between source and destination at T0/T1 router x-vmw-nsx-module: PolicyNAT PolicyNatRuleListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- NAT Rules list results items: $ref: '#/definitions/PolicyNatRule' title: |- NAT Rules list results type: array required: - results type: object x-vmw-nsx-module: PolicyNAT description: |- Paged Collection of NAT Rules title: |- Paged Collection of NAT Rules x-vmw-nsx-module: PolicyNAT PolicyNatRuleStatistics: allOf: - $ref: '#/definitions/PolicyNATRuleCounters' - properties: last_update_timestamp: description: | Timestamp when the data was last updated. format: int64 readOnly: true type: integer warning_message: description: | The warning message about the NAT Rule Statistics. readOnly: true title: |- Warning Message type: string type: object x-vmw-nsx-module: PolicyNAT description: | Gives the Statistics of a NAT rule. title: |- Statistics of NAT Rule x-vmw-nsx-module: PolicyNAT PolicyNatRuleStatisticsListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- NAT rules statistics per enforcement point items: $ref: '#/definitions/PolicyNatRuleStatisticsPerEnforcementPoint' title: |- NAT rules statistics per enforcement point type: array required: - results type: object x-vmw-nsx-module: PolicyNAT description: | Gives the collection of NAT rule statistics per enforcement point. title: |- Collection of NAT Rule statistics x-vmw-nsx-module: PolicyNAT PolicyNatRuleStatisticsPerEnforcementPoint: description: | Gives the statistics of a NAT rule per enforcement point. properties: enforcement_point_path: description: | Policy Path referencing the enforcement point from where the statistics are fetched. title: |- Enforcement point Path type: string rule_path: description: | Path of NAT Rule. title: |- Path of NAT Rule type: string rule_statistics: description: | Gives NAT rule stats on an enforcement point. items: $ref: '#/definitions/PolicyNatRuleStatistics' readOnly: true title: |- Rule statistics per enforcement point type: array title: |- Statistics of NAT Rule per enforcement point type: object x-vmw-nsx-module: PolicyNAT PolicyNatRuleStatisticsPerLogicalRouter: description: | Gives the statistics of a NAT rule per logical router on specified enforcement point. properties: enforcement_point_path: description: | Policy Path referencing the enforcement point from where the statistics are fetched. title: |- Enforcement point Path type: string last_update_timestamp: description: | Timestamp when the data was last updated. format: int64 readOnly: true type: integer per_node_statistics: description: | Detailed Rule statistics per logical router. items: $ref: '#/definitions/PolicyNatRuleStatisticsPerTransportNode' readOnly: true title: |- Detailed Rule statistics type: array router_path: description: | Path of the router. title: |- Router path type: string statistics: $ref: '#/definitions/PolicyNATRuleCounters' title: |- Statistics of NAT Rule per logical router type: object x-vmw-nsx-module: PolicyNAT PolicyNatRuleStatisticsPerLogicalRouterListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- NAT rules statistics per logical router items: $ref: '#/definitions/PolicyNatRuleStatisticsPerLogicalRouter' title: |- NAT rules statistics per logical router type: array required: - results type: object x-vmw-nsx-module: PolicyNAT description: | Gives the collection of NAT rule statistics per logical router on specified enforcement point. title: |- Collection of NAT rule statistics per logical router x-vmw-nsx-module: PolicyNAT PolicyNatRuleStatisticsPerTransportNode: allOf: - $ref: '#/definitions/PolicyNATRuleCounters' - properties: last_update_timestamp: description: | Timestamp when the data was last updated. format: int64 readOnly: true type: integer transport_node_path: description: | Policy path of the Edge Node. readOnly: true title: |- Node path type: string type: object x-vmw-nsx-module: PolicyNAT description: | Gives the Statistics of a NAT rule. title: |- Statistics of NAT Rule x-vmw-nsx-module: PolicyNAT PolicyNiocProfile: allOf: - $ref: '#/definitions/PolicyBaseHostSwitchProfile' - properties: enabled: default: true description: | The enabled property specifies the status of NIOC feature. When enabled is set to true, NIOC feature is turned on and the bandwidth allocations specified for the traffic resources are enforced. When enabled is set to false, NIOC feature is turned off and no bandwidth allocation is guaranteed. By default, enabled will be set to true. title: |- Enabled status of NIOC feature type: boolean host_infra_traffic_res: description: | host_infra_traffic_res specifies bandwidth allocation for various traffic resources. items: $ref: '#/definitions/PolicyPolicyResourceAllocation' title: |- Resource allocation associated with NiocProfile type: array type: object x-vmw-nsx-module: PolicyNiocProfile description: | This profile is created for Network I/O Control(NIOC). title: |- Profile for Nioc x-vmw-nsx-module: PolicyNiocProfile PolicyNonCompliantConfig: properties: affected_resources: description: |- Resources/Services impacted by non compliant configuration items: $ref: '#/definitions/PolicyResourceReference' readOnly: true title: |- Resources/Services impacted by non compliant configuration type: array description: description: |- Detail description of non compliant configuration with suggestive action readOnly: true title: |- Detail description of non compliant configuration with suggestive action type: string non_compliance_code: description: |- Code for non compliant configuration format: int64 readOnly: true title: |- Code for non compliant configuration type: integer reported_by: $ref: '#/definitions/PolicyResourceReference' type: object x-vmw-nsx-module: PolicyCompliance PolicyOspfDatabaseListResult: allOf: - $ref: '#/definitions/ListResult' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated, unset if data source has never updated the data. format: int64 readOnly: true type: integer results: description: |- array of OSPF database data items: $ref: '#/definitions/OspfDatabaseStatus' readOnly: true title: |- array of OSPF database data type: array tier0_path: description: |- Policy path for Tier0 gateway readOnly: true title: |- Policy path for Tier0 gateway type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PolicyPimProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: bsm_enabled: default: true description: |- Enable/disable bootstrap messaging Configuration. title: |- Enable/disable bootstrap messaging Configuration type: boolean rp_address: description: |- Static IPv4 multicast address configuration. format: ip type: string rp_address_multicast_ranges: description: |- Static IPv4 multicast address and assciated multicast groups configuration. items: $ref: '#/definitions/RpAddressMulticastRanges' title: |- Static IPv4 multicast address and assciated multicast groups configuration type: array type: object x-vmw-nsx-module: PolicyMulticast description: |- PIM profile. title: |- PIM profile x-vmw-nsx-module: PolicyMulticast PolicyPimProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- PIM Profile list results. items: $ref: '#/definitions/PolicyPimProfile' title: |- PIM Profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyMulticast description: |- Collection of Pim Profile. title: |- Paged Collection of Pim Profile x-vmw-nsx-module: PolicyMulticast PolicyPktCapResource: allOf: - $ref: '#/definitions/PktCapResource' - properties: logical_port_path: description: |- The path of segment port or router port where the packets are captured readOnly: true title: |- The path of segment port or router port where the packets are captured type: string type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity PolicyPolicyResourceAllocation: description: | Specify limit, shares and reservation for all kinds of traffic. Values for limit and reservation are expressed in percentage. And for shares, the value is expressed as a number between 1-100. The overall reservation among all traffic types should not exceed 75%. Otherwise, the API request will be rejected. properties: limit: default: -1.0 description: | The limit property specifies the maximum bandwidth allocation for a given traffic type and is expressed in percentage. The default value for this field is set to -1 which means the traffic is unbounded for the traffic type. All other negative values for this property is not supported and will be rejected by the API. maximum: 100 minimum: -1 title: |- Maximum bandwidth percentage type: number reservation: default: 0.0 description: |- Minimum guaranteed bandwidth percentage maximum: 75 minimum: 0 title: |- Minimum guaranteed bandwidth percentage type: number shares: default: 50 description: |- Shares format: int32 maximum: 100 minimum: 1 title: |- Shares type: integer traffic_type: $ref: '#/definitions/PolicyHostInfraTrafficType' required: - reservation - traffic_type - limit - shares title: |- Resource allocation information for a host infrastructure traffic type type: object x-vmw-nsx-module: PolicyNiocProfile PolicyPoolUsage: description: |- IP usage statistics in a IpAddressPool. properties: allocated_ip_allocations: description: | Total number of allocated IPs shown are from NSX manager. NSX manager uses default release delay of 2 mins. Till this delay passes, IPs will be shown as allocated (and counted in allocated ips). In this period of time there could be mismatch in requested_ip_allocations and allocated_ip_allocations. format: int64 readOnly: true title: |- Total number of allocated IPs in a IpAddressPool type: integer available_ips: description: |- Total number of available IPs in a IpAddressPool format: int64 readOnly: true title: |- Total number of available IPs in a IpAddressPool type: integer requested_ip_allocations: description: |- Total number of requested IP allocations in a IpAddressPool format: int64 readOnly: true title: |- Total number of requested IP allocations in a IpAddressPool type: integer total_ips: description: |- Total number of IPs in a IpAddressPool format: int64 readOnly: true title: |- Total number of IPs in a IpAddressPool type: integer type: object x-vmw-nsx-module: PolicyIpam PolicyRealizedResource: allOf: - $ref: '#/definitions/PolicyResource' - properties: alarms: description: |- Alarm info detail items: $ref: '#/definitions/PolicyAlarmResource' title: |- Alarm info detail type: array intent_reference: description: |- Desire state paths of this object items: type: string title: |- Desire state paths of this object type: array operational_status: description: | Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive. title: |- String representation of operational status type: string operational_status_error: description: | It defines the root cause for operational status error. title: |- String representation of operational status error type: string publish_status: description: | Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive. title: |- String representation of publish status type: string publish_status_error: description: | It defines the root cause for publish status error. title: |- String representation of publish status error type: string publish_status_error_code: description: | It defines error code for publish status error. format: int32 title: |- Represents error code for publish status. type: integer publish_status_error_details: description: | Error details for publish status. items: $ref: '#/definitions/ConfigurationStateElement' title: |- Details for publich status error. type: array realization_api: description: |- Realization API of this object on enforcement point title: |- Realization API of this object on enforcement point type: string realization_specific_identifier: description: |- Realization id of this object title: |- Realization id of this object type: string runtime_error: description: | It define the root cause for runtime error. title: |- String representation of runtime error type: string runtime_status: description: | Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive. title: |- String representation of runtime status type: string x-deprecated: true state: description: |- Realization state of this object enum: - UNAVAILABLE - UNREALIZED - REALIZED - ERROR title: |- Realization state of this object type: string required: - state type: object x-vmw-nsx-module: PolicyRealizedState description: |- Abstract base class for all the realized policy objects title: |- Abstract base class for all the realized policy objects x-vmw-nsx-module: PolicyRealizedState PolicyRelatedApiError: description: |- Detailed information about errors from API call to an enforcement point properties: details: description: |- Further details about the error title: |- Further details about the error type: string error_code: description: |- A numeric error code format: int64 title: |- A numeric error code type: integer error_data: description: |- Additional data about the error title: |- Additional data about the error type: object error_message: description: |- A description of the error title: |- A description of the error type: string module_name: description: |- The module name where the error occurred title: |- The module name where the error occurred type: string title: |- Detailed information about errors from API call to an enforcement point type: object x-vmw-nsx-module: PolicyRealizedState PolicyResource: allOf: - $ref: '#/definitions/ManagedResource' - properties: parent_path: description: |- Path of its parent readOnly: true title: |- Path of its parent type: string path: description: |- Absolute path of this object readOnly: true title: |- Absolute path of this object type: string realization_id: description: | This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent. readOnly: true title: |- A unique identifier assigned by the system for realizing intent type: string relative_path: description: |- Path relative from its parent readOnly: true title: |- Relative path of this object type: string unique_id: description: | This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites. readOnly: true title: |- A unique identifier assigned by the system type: string type: object x-vmw-nsx-module: Policy description: |- Abstract base class for all the policy objects. title: |- Abstract base class for all the policy objects x-vmw-nsx-module: Policy PolicyResourceReference: allOf: - $ref: '#/definitions/ResourceReference' - properties: path: description: |- Absolute path of this object. readOnly: true title: |- Absolute path of this object type: string type: object x-vmw-nsx-module: Policy description: |- Policy resource reference. title: |- Policy resource reference x-vmw-nsx-module: Policy PolicyResourceReferenceForEP: allOf: - $ref: '#/definitions/PolicyResourceReference' - type: object x-vmw-nsx-module: PolicyGroupRealization description: | Policy resource reference for enforcement point title: |- Policy resource reference for enforcement point x-vmw-nsx-module: PolicyGroupRealization PolicyResourceReferenceForEPListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of policy resource references for enforcement point items: $ref: '#/definitions/PolicyResourceReferenceForEP' title: |- Paged Collection of policy resource references for enforcement point type: array required: - results type: object x-vmw-nsx-module: PolicyGroupRealization description: | Paginated collection of policy resource references for enforcement point title: |- Policy resource reference list for enforcement point x-vmw-nsx-module: PolicyGroupRealization PolicyResourceReferenceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Policy resource references list results items: $ref: '#/definitions/PolicyResourceReference' title: |- Policy resource references list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- Paged Collection of PolicyResourceReference title: |- Paged Collection of PolicyResourceReference x-vmw-nsx-module: Policy PolicyRuntimeAlarm: description: | Alarm associated with the PolicyRuntimeInfoPerEP that exposes potential errors when retrieving runtime information from the enforcement point. properties: error_details: $ref: '#/definitions/PolicyApiError' error_id: description: |- Alarm error id. readOnly: true title: |- Alarm Error Id type: string message: description: |- Error message describing the issue. readOnly: true title: |- Error Message to Describe the Issue type: string title: |- Alarm of PolicyRuntimeInfoPerEP type: object x-vmw-nsx-module: PolicyBaseStatistics PolicyRuntimeInfoPerEP: description: | Runtime Info Per Enforcement Point. properties: alarm: $ref: '#/definitions/PolicyRuntimeAlarm' enforcement_point_path: description: | Policy Path referencing the enforcement point where the info is fetched. readOnly: true title: |- Enforcement point Path type: string title: |- PolicyRuntimeInfoPerEP type: object x-vmw-nsx-module: PolicyBaseStatistics PolicySIExcludeList: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: members: description: |- List of the members in the exclude list items: type: string maxItems: 100 title: |- ExcludeList member list type: array required: - members type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- List of entities where Service Insertion will not be enforced. Exclusion List can contain PolicyGroup(s) or SegmentPort(s) or Segment(s). title: |- Service Insertion Exclusion List x-vmw-nsx-module: PolicyServiceInsertion PolicySIStatusConfiguration: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: east_west_enabled: default: false description: | If set to true, service insertion for east-west traffic is enabled. title: |- East-West status flag type: boolean north_south_enabled: default: false description: | If set to true, service insertion for north-south traffic is enabled. title: |- North-South status flag type: boolean type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- It represents status of Service Insertion for North-South and East-West context types. title: |- Service Insertion Status x-vmw-nsx-module: PolicyServiceInsertion PolicyServiceChain: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: failure_policy: default: ALLOW description: |- Failure policy for the service defines the action to be taken i.e to allow or to block the traffic during failure scenarios. enum: - ALLOW - BLOCK readOnly: false title: |- Failure Policy type: string forward_path_service_profiles: description: |- Forward path service profiles are applied to ingress traffic. items: type: string maxItems: 4 readOnly: false title: |- Forward path service profiles type: array path_selection_policy: default: ANY description: |- Path selection policy can be - ANY - Service Insertion is free to redirect to any service path regardless of any load balancing considerations or flow pinning. LOCAL - Preference to be given to local service insances. REMOTE - Preference to be given to the SVM co-located on the same host. ROUND_ROBIN - All active service paths are hit with equal probability. enum: - ANY - LOCAL - REMOTE - ROUND_ROBIN readOnly: false title: |- Path Selection Policy type: string reverse_path_service_profiles: description: |- Reverse path service profiles are applied to egress traffic and is optional. 2 different set of profiles can be defined for forward and reverse path. If not defined, the reverse of the forward path service profile is applied. items: type: string maxItems: 4 readOnly: false title: |- Reverse path service profiles type: array service_segment_path: description: |- Path to service segment using which the traffic needs to be redirected. items: type: string maxItems: 1 minItems: 1 readOnly: false title: |- Path to service segment type: array required: - service_segment_path - forward_path_service_profiles type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Service chain is a set of network Services. A Service chain is made up of ordered list of service profiles belonging to any same or different services. title: |- Policy Service Chain x-vmw-nsx-module: PolicyServiceInsertion PolicyServiceChainListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- All PolicyServiceChain objects items: $ref: '#/definitions/PolicyServiceChain' title: |- All PolicyServiceChain objects type: array required: - results type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Policy Service Chain List title: |- Policy Service Chain List x-vmw-nsx-module: PolicyServiceInsertion PolicyServiceInstance: allOf: - $ref: '#/definitions/BasePolicyServiceInstance' - properties: attributes: description: |- List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance. items: $ref: '#/definitions/Attribute' maxItems: 128 title: |- Deployment Template attributes type: array compute_id: description: |- Id of the compute(ResourcePool) to which this service needs to be deployed. title: |- Id of the compute resource. type: string context_id: description: |- UUID of VCenter/Compute Manager as seen on NSX Manager, to which this service needs to be deployed. title: |- Id of the compute manager type: string deployment_spec_name: description: |- Form factor for the deployment of partner service. title: |- Name of the Deployment Specification type: string deployment_template_name: description: |- Template for the deployment of partnet service. title: |- Name of the Deployment Template type: string failure_policy: default: BLOCK description: |- Failure policy for the Service VM. If this values is not provided, it will be defaulted to FAIL_CLOSE. enum: - ALLOW - BLOCK title: |- Failure policy for the Service VM type: string primary_gateway_address: description: | Gateway address for primary management console. If the provided segment already has gateway, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have gateway, this field must be provided. format: address-or-block-or-range type: string primary_interface_mgmt_ip: description: |- Management IP Address of primary interface of the Service format: address-or-block-or-range type: string primary_interface_network: description: |- Path of the segment to which primary interface of the Service VM needs to be connected title: |- Path of the segment to which primary interface of the Service VM needs to be connected type: string primary_portgroup_id: description: | Id of the standard or ditsributed port group for primary management console. Please note that only 1 of the 2 values from 1. primary_interface_network 2. primary_portgroup_id are allowed to be passed. Both can't be passed in the same request. title: |- Id of the standard or ditsributed port group for primary management console type: string primary_subnet_mask: description: | Subnet for primary management console IP. If the provided segment already has subnet, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have subnet, this field must be provided. format: address-or-block-or-range type: string secondary_gateway_address: description: | Gateway address for secondary management console. If the provided segment already has gateway, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have gateway, this field must be provided. format: address-or-block-or-range type: string secondary_interface_mgmt_ip: description: |- Management IP Address of secondary interface of the Service format: address-or-block-or-range type: string secondary_interface_network: description: |- Path of segment to which secondary interface of the Service VM needs to be connected title: |- Path of segment to which secondary interface of the Service VM needs to be connected type: string secondary_portgroup_id: description: | Id of the standard or ditsributed port group for secondary management console. Please note that only 1 of the 2 values from 1. secondary_interface_network 2. secondary_portgroup_id are allowed to be passed. Both can't be passed in the same request. title: |- Id of the standard or ditsributed port group for secondary management console type: string secondary_subnet_mask: description: | Subnet for secondary management console IP. If the provided segment already has subnet, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have subnet, this field must be provided. format: address-or-block-or-range type: string storage_id: description: |- Id of the storage(Datastore). VC moref of Datastore to which this service needs to be deployed. title: |- Id of the storage type: string required: - primary_interface_mgmt_ip - compute_id - deployment_spec_name - deployment_template_name - storage_id - attributes type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Represents an instance of partner Service and its configuration. title: |- Represents an instance of partner Service and its configuration x-vmw-nsx-module: PolicyServiceInsertion PolicyServiceInstanceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Service instance list results items: $ref: '#/definitions/PolicyServiceInstance' title: |- Service instance list results type: array required: - results type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Collection of only SI objects title: |- Collection of only SI objects x-vmw-nsx-module: PolicyServiceInsertion PolicyServiceInstanceStatistics: allOf: - $ref: '#/definitions/Resource' - properties: enforcement_point_path: description: | Enforcement point path, forward slashes must be escaped using %2F. readOnly: true title: |- String Path of the enforcement point type: string instance_runtime_statistics: description: | Statistics for the data NICs for all the runtimes associated with this service instance. items: $ref: '#/definitions/InstanceRuntimeStatistic' readOnly: true title: |- Statistics for all runtimes type: array service_instance_id: description: |- PolicyServiceInsatnce path readOnly: true title: |- PolicyServiceInstance path type: string type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Statistics for NICs for a PolicyServiceInstance title: |- Statistics for NICs on PolicyServiceInstance x-vmw-nsx-module: PolicyServiceInsertion PolicyServiceProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: attributes: description: |- List of attributes specific to a partner for which the service is created. These attributes are passed on to the partner appliance and are opaque to NSX. If a vendor template exposes configurable parameters, then their values are specified here. items: $ref: '#/definitions/Attribute' maxItems: 128 readOnly: false title: |- Service profile attributes type: array redirection_action: description: |- The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. Redirection action is not applicable to guest introspection service. enum: - PUNT - COPY readOnly: false title: |- Redirection action type: string vendor_template_key: description: |- The vendor template key property of actual vendor template. This should be used when multiple templates with same name exist. title: |- Vendor Template Key type: string vendor_template_name: description: |- Name of the vendor template for which this Service Profile is being created. readOnly: false title: |- Vendor template name type: string type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Service profile represents specialization of a vendor template. User may provide any of the vendor_template_name or vendor_template_key properties. But in case of multiple vendor templates with the same name, it is recommended to use the vendor_template_key. When both attributes are provided, name is ignored and only key is used to identify the template. If there are multiple templates with same name, and vendor_template_name is provided, realization will fail. title: |- Policy Service Profile for a given Service x-vmw-nsx-module: PolicyServiceInsertion PolicyServiceProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Service Profile list results items: $ref: '#/definitions/PolicyServiceProfile' title: |- Service Profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Policy Service Profile List title: |- Policy Service Profile List x-vmw-nsx-module: PolicyServiceInsertion PolicySubAttributes: description: |- Policy Sub Attributes data holder properties: datatype: description: |- Datatype for sub attribute enum: - STRING title: |- Datatype for sub attribute type: string key: description: |- Key for sub attribute enum: - TLS_CIPHER_SUITE - TLS_VERSION - CIFS_SMB_VERSION title: |- Key for sub attribute type: string value: description: | Multiple sub attribute values can be specified as elements of array. items: type: string minItems: 1 title: |- Value for sub attribute key type: array uniqueItems: true required: - datatype - value - key title: |- Policy Sub Attributes data holder type: object x-vmw-nsx-module: PolicyContextProfile PolicyTask: allOf: - $ref: '#/definitions/TaskProperties' - properties: failure_msg: description: | This property holds the reason of the task failure, if any. readOnly: true title: |- Reason of the task failure type: string type: object x-vmw-nsx-module: PolicyTask description: | This object holds the information of the task. title: |- Task information x-vmw-nsx-module: PolicyTask PolicyTepCsvListResult: allOf: - $ref: '#/definitions/CsvListResult' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/PolicyTepTableCsvRecord' type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PolicyTepListResult: allOf: - $ref: '#/definitions/ListResult' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/PolicyTepTableEntry' type: array transport_node_id: description: |- Transport node identifier readOnly: true title: |- Transport node identifier type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PolicyTepTableCsvRecord: allOf: - $ref: '#/definitions/CsvRecord' - properties: segment_id: description: |- This is the identifier of the TEP segment. This segment is NOT the same as logical segment or logical switch. title: |- TEP segment identifier type: string tep_ip: description: |- The tunnel endpoint IP address format: ip type: string tep_label: description: |- The tunnel endpoint label format: int64 title: |- The tunnel endpoint label type: integer tep_mac_address: description: |- The tunnel endpoint MAC address title: |- The tunnel endpoint MAC address type: string required: - tep_label - tep_mac_address type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics PolicyTepTableEntry: properties: segment_id: description: |- The segment Id title: |- The segment Id type: string tep_ip: description: |- The tunnel endpoint IP address format: ip type: string tep_label: description: |- The tunnel endpoint label format: int64 title: |- The tunnel endpoint label type: integer tep_mac_address: description: |- The tunnel endpoint MAC address title: |- The tunnel endpoint MAC address type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics PolicyTier1MulticastConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enabled: default: false description: |- Enable/disable Multicast Configuration. Whenever service router needs to be added/deleted from tier1, user needs to disable multicast first. title: |- Enable/disable Multicast Configuration type: boolean type: object x-vmw-nsx-module: PolicyMulticast description: |- Multicast routing configuration. title: |- Multicast routing configuration x-vmw-nsx-module: PolicyMulticast PolicyTimeIntervalValue: description: |- Time interval on which firewall schedule will be applicable properties: end_interval: description: | Time in 24 hour and minutes in multiple of 30. Example, 17:30. title: |- End time of the interval type: string start_interval: description: | Time in 24 hour and minutes in multiple of 30. Example, 9:00. title: |- Start time of the interval type: string required: - start_interval - end_interval title: |- Time interval on which firewall schedule will be applicable type: object x-vmw-nsx-module: PolicyFirewallScheduler PolicyTlsConfigProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: cache: default: false description: | Turn on TLS cache readOnly: false title: |- Turn on TLS cache type: boolean ssl_cache_size: description: | TLS SSL cache size format: int64 readOnly: false title: |- TLS SSL cache size type: integer required: - cache type: object x-vmw-nsx-module: PolicyTlsConfigProfile description: |- A profile holding tls configuration. title: |- Policy Tls config profile x-vmw-nsx-module: PolicyTlsConfigProfile PolicyTlsConfigProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Policy TLS config profile list results items: $ref: '#/definitions/PolicyTlsConfigProfile' title: |- Policy TLS config profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyTlsConfigProfile description: |- Paged Collection of Policy TLS config profiles title: |- Paged Collection of Policy TLS config profiles x-vmw-nsx-module: PolicyTlsConfigProfile PolicyTraceflowObservationDelivered: allOf: - $ref: '#/definitions/TraceflowObservationDelivered' - properties: segment_port_path: description: |- The path of the segment port or router port into which the traceflow packet was delivered readOnly: true title: |- The path of the segment port or router port into which the traceflow packet was delivered type: string type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity PolicyTraceflowObservationDropped: allOf: - $ref: '#/definitions/TraceflowObservationDropped' - properties: acl_rule_path: description: |- The path of the ACL rule that was applied to forward the traceflow packet readOnly: true title: |- Access Control List Rule Path type: string nat_rule_path: description: |- The path of the NAT rule that was applied to forward the traceflow packet readOnly: true title: |- Network Address Translation Rule Path type: string segment_port_path: description: |- The path of the segment port or router port at which the traceflow packet was dropped readOnly: true title: |- The path of the segment port or router port at which the traceflow packet was dropped type: string type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity PolicyTraceflowObservationDroppedLogical: allOf: - $ref: '#/definitions/TraceflowObservationDroppedLogical' - properties: acl_rule_path: description: |- The path of the ACL rule that was applied to forward the traceflow packet readOnly: true title: |- Access Control List Rule Path type: string component_path: description: |- The path of the component that dropped the traceflow packet readOnly: true title: |- The path of the component that dropped the traceflow packet type: string jumpto_rule_path: description: |- The path of the jump-to rule that was applied to the traceflow packet readOnly: true title: |- Jump-to Rule Path type: string l2_rule_path: description: |- The path of the l2 rule that was applied to the traceflow packet readOnly: true title: |- L2 Rule Path type: string nat_rule_path: description: |- The path of the NAT rule that was applied to forward the traceflow packet readOnly: true title: |- Network Address Translation Rule Path type: string segment_port_path: description: |- The path of the segment port at which traceflow packet was dropped readOnly: true title: |- The path of the segment port at which traceflow packet was dropped type: string type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity PolicyTraceflowObservationForwardedLogical: allOf: - $ref: '#/definitions/TraceflowObservationForwardedLogical' - properties: acl_rule_path: description: |- The path of the ACL rule that was applied to forward the traceflow packet readOnly: true title: |- Access Control List Rule Path type: string component_path: description: |- The path of the component that forwarded the traceflow packet readOnly: true title: |- The path of the component that forwarded the traceflow packet type: string dst_component_path: description: |- The path of the destination component to which the traceflow packet was forwarded readOnly: true title: |- The path of the destination component to which the traceflow packet was forwarded type: string jumpto_rule_path: description: |- The path of the jump-to rule that was applied to the traceflow packet readOnly: true title: |- Jump-to Rule Path type: string l2_rule_path: description: |- The path of the l2 rule that was applied to the traceflow packet readOnly: true title: |- L2 Rule Path type: string nat_rule_path: description: |- The path of the NAT rule that was applied to forward the traceflow packet readOnly: true title: |- Network Address Translation Rule Path type: string segment_port_path: description: |- The path of the segment port or router port through which the traceflow packet was forwarded readOnly: true title: |- The path of the segment port or router port through which the traceflow packet was forwarded type: string type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity PolicyTraceflowObservationReceivedLogical: allOf: - $ref: '#/definitions/TraceflowObservationReceivedLogical' - properties: component_path: description: |- The path of the component that received the traceflow packet readOnly: true title: |- The path of the component that received the traceflow packet type: string segment_port_path: description: |- The path of the segment port or router port at which the traceflow packet was received readOnly: true title: |- The path of the segment port or router port at which the traceflow packet was received type: string src_component_path: description: |- The path of the source component from which the traceflow packet was received readOnly: true title: |- The path of the source component from which the traceflow packet was received type: string type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity PolicyTraceflowObservationRelayedLogical: allOf: - $ref: '#/definitions/TraceflowObservationRelayedLogical' - properties: logical_component_path: description: |- This field specifies the logical component that relay service located on. readOnly: true title: |- The path of the component on which relay service located type: string type: object x-vmw-nsx-module: PolicyConnectivity x-vmw-nsx-module: PolicyConnectivity PolicyTransportZone: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: is_default: default: false description: | Flag to indicate if the transport zone is the default one. Only one transport zone can be the default one for a given transport zone type. title: |- Flag to indicate if the transport zone is the default one type: boolean nested_nsx: default: false description: |- This flag should be set to true in nested NSX environment. When the "allow_changing_vdr_mac_in_use" property in the global config object RoutingGlobalConfig is false, this flag can not be changed if this transport zone is OVERLAY and the change will make any transport node in this transport zone to change the VDR MAC used in any host switch. When this flag is true and this transport zone is OVERLAY, all host switches in this transport zone will use the VDR MAC in the "vdr_mac_nested" property in the global config object RoutingGlobalConfig. title: |- Flag to indicate if all transport nodes in this transport zone are connected through nested NSX. type: boolean nsx_id: description: |- UUID of transport zone on NSX-T enforcement point. readOnly: true title: |- Transport Zone UUID on NSX-T Enforcement Point type: string origin_id: description: |- This field is populated only if the transport zone was created by NSX system to support security on vSphere Distributed Switch (vDS). The origin_id will refer to the identifier of corresponding vDS from it's parent vCenter server. readOnly: true title: |- The host switch id generated by the system. type: string transport_zone_profile_paths: description: |- Policy Transport Zone Profile paths items: type: string title: |- Policy Transport Zone Profile paths type: array tz_type: description: | Transport Zone Traffic type. OVERLAY_STANDARD and OVERLAY_ENS are deprecated. STANDARD, ENS and ENS_INTERRUPT are hostSwitch modes and same can be given in HostTransportNode.HostSwitchSpec. enum: - OVERLAY_STANDARD - OVERLAY_ENS - VLAN_BACKED - OVERLAY_BACKED - UNKNOWN title: |- Transport Zone Type type: string uplink_teaming_policy_names: additionalProperties: false description: |- The names of switching uplink teaming policies that all transport nodes in this transport zone support. Uplinkin teaming policies are only valid for VLAN backed transport zones. items: type: string title: |- Names of the switching uplink teaming policies that are supported by this transport zone. type: array type: object x-vmw-nsx-module: PolicyTransportZone description: |- Transport Zone. title: |- Transport Zone x-vmw-nsx-module: PolicyTransportZone PolicyTransportZoneListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: additionalProperties: false description: |- Transport Zone list result. items: $ref: '#/definitions/PolicyTransportZone' title: |- Transport Zone List Result type: array required: - results type: object x-vmw-nsx-module: PolicyTransportZone description: |- Paged Collection of Transport Zone title: |- Paged Collection of Transport Zone x-vmw-nsx-module: PolicyTransportZone PolicyTransportZoneProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: bfd_config: $ref: '#/definitions/BfdHealthMonitoringConfig' tz_profile_type: description: |- Policy Transport Zone Type. enum: - BFD title: |- Policy Transport Zone Type type: string required: - tz_profile_type - bfd_config type: object x-vmw-nsx-module: PolicyTransportZoneProfile description: |- Transport Zone Profile. title: |- Transport Zone Profile x-vmw-nsx-module: PolicyTransportZoneProfile PolicyTransportZoneProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Policy Transport Zone profile list results items: $ref: '#/definitions/PolicyTransportZoneProfile' title: |- Policy Transport Zone profile list results type: array required: - results type: object x-vmw-nsx-module: PolicyTransportZoneProfile description: |- Paged collection of Policy Transport Zone Profiles title: |- Paged collection of Policy Transport Zone Profiles x-vmw-nsx-module: PolicyTransportZoneProfile PolicyUplinkHostSwitchProfile: allOf: - $ref: '#/definitions/PolicyBaseHostSwitchProfile' - properties: lags: description: |- list of LACP group items: $ref: '#/definitions/Lag' maxItems: 64 title: |- list of LACP group type: array mtu: description: |- Maximum Transmission Unit used for uplinks format: int32 minimum: 1280 title: |- Maximum Transmission Unit used for uplinks type: integer named_teamings: description: |- List of named uplink teaming policies that can be used by logical switches items: $ref: '#/definitions/NamedTeamingPolicy' maxItems: 32 title: |- List of named uplink teaming policies that can be used by logical switches type: array overlay_encap: default: GENEVE description: |- The protocol used to encapsulate overlay traffic enum: - VXLAN - GENEVE title: |- The protocol used to encapsulate overlay traffic type: string teaming: $ref: '#/definitions/TeamingPolicy' transport_vlan: default: 0 description: |- VLAN used for tagging Overlay traffic of associated HostSwitch format: int64 type: integer required: - teaming type: object x-vmw-nsx-module: PolicyUplinkHostSwitchProfile description: |- Profile for uplink policies title: |- Profile for uplink policies x-vmw-nsx-module: PolicyUplinkHostSwitchProfile PolicyUrlCategorizationConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: context_profiles: description: | The ids of the context profiles that provides the list of categories to be detected. This field is deprecated. URL Categorization will not be supported in association with context profiles. items: type: string title: |- Context profiles type: array x-deprecated: true enabled: description: | Property which specifies the enabling/disabling of the feature. title: |- Enabled type: boolean update_frequency: default: 30 description: | The frequency in minutes at which the updates are downloaded from the URL categorization cloud service. The minimum allowed value is 5 minutes. format: int32 minimum: 5 title: |- Policy URL Categorization Update Frequency type: integer required: - enabled type: object x-vmw-nsx-module: PolicyUrlCategorization description: | The type contains information about the configuration of the feature for a specific node. It contains information like the whether the feature is enabled/disabled, the context profiles defining the category list to detect. title: |- URL categorization entity x-vmw-nsx-module: PolicyUrlCategorization PolicyUrlCategory: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: category_id: description: |- The id of the category. format: int32 title: |- Category id type: integer category_name: description: |- The name of the category. title: |- Category name type: string required: - category_id - category_name type: object x-vmw-nsx-module: PolicyUrlCategorization description: | Every URL is classified into one or more of 83 pre-defined categories. Examples of categories are 'Shopping', 'Financial Services', 'Travel', etc. title: |- Policy URL category x-vmw-nsx-module: PolicyUrlCategorization PolicyUrlCategoryListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Category list result items: $ref: '#/definitions/PolicyUrlCategory' title: |- Category list result type: array required: - results type: object x-vmw-nsx-module: PolicyUrlCategorization description: | List of Policy URL categories. title: |- List of Policy URL categories x-vmw-nsx-module: PolicyUrlCategorization PolicyUrlReputationSeverity: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: max_reputation: description: |- The maximum reputation for the severity. format: int32 title: |- Maximum reputation type: integer min_reputation: description: |- The minimum reputation for the severity. format: int32 title: |- Minimim Reputation type: integer name: description: |- The name of the severity. title: |- Reputation severity name type: string reputation_severity_id: description: |- The id of the reputation severity. format: int32 title: |- Reputation severity id type: integer required: - max_reputation - min_reputation - reputation_severity_id - name type: object x-vmw-nsx-module: PolicyUrlCategorization description: | The reputation severity of an URL. title: |- Policy URL reputation severity x-vmw-nsx-module: PolicyUrlCategorization PolicyUrlReputationSeverityListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Reputation Severity list items: $ref: '#/definitions/PolicyUrlReputationSeverity' title: |- Reputation Severity list type: array required: - results type: object x-vmw-nsx-module: PolicyUrlCategorization description: | List of URL reputation severities. title: |- List of URL reputation severities x-vmw-nsx-module: PolicyUrlCategorization PoolMemberSetting: description: | The setting is used to add, update or remove pool members from pool. For static pool members, admin_state, display_name and weight can be updated. For dynamic pool members, only admin_state can be updated. properties: admin_state: default: ENABLED description: |- Member admin state enum: - ENABLED - DISABLED - GRACEFUL_DISABLED type: string display_name: description: | Only applicable to static pool members. If supplied for a pool defined by a grouping object, update API would fail. title: |- Pool member display name type: string ip_address: description: |- Pool member IP address format: ip type: string port: description: |- Pool member port number format: port-or-range type: string weight: description: | Only applicable to static pool members. If supplied for a pool defined by a grouping object, update API would fail. format: int64 maximum: 255 minimum: 1 title: |- Pool member weight type: integer required: - ip_address title: |- Pool member setting type: object x-vmw-nsx-module: LoadBalancer PortAddressBindingEntry: description: |- Detailed information about static address for the port. properties: ip_address: description: |- IP Address for port binding title: |- IP address type: string mac_address: description: |- Mac address for port binding format: mac-address type: string vlan_id: description: |- VLAN ID for port binding format: int64 type: integer title: |- Address binding information type: object x-vmw-nsx-module: PolicyConnectivity PortAttacher: description: |- VM or vmknic entity attached to LogicalPort properties: entity: description: | This is a vmknic name if the attacher is vmknic. Otherwise, it is full path of the attached VM's config file readOnly: false title: |- Reference to the attached entity type: string host: description: |- TransportNode on which the attacher resides readOnly: false title: |- TransportNode on which the attacher resides type: string required: - host - entity title: |- VM or vmknic entity attached to LogicalPort type: object x-vmw-nsx-module: LogicalPort PortAttachment: description: |- Detail information about port attachment properties: allocate_addresses: description: |- Indicate how IP will be allocated for the port enum: - IP_POOL - MAC_POOL - BOTH - NONE - DHCP title: |- Allocate addresses type: string app_id: description: | ID used to identify/look up a child attachment behind a parent attachment title: |- App Id type: string bms_interface_config: $ref: '#/definitions/AttachedInterfaceEntry' context_id: description: | If type is CHILD and the parent port is on the same segment as the child port, then this field should be VIF ID of the parent port. If type is CHILD and the parent port is on a different segment, then this field should be policy path of the parent port. If type is INDEPENDENT/STATIC, then this field should be transport node ID. title: |- Context ID based on the type type: string context_type: description: |- Set to PARENT when type field is CHILD. Read only field. enum: - PARENT readOnly: true title: |- Context Type type: string evpn_vlans: description: |- List of Evpn tenant VLAN IDs the Parent logical-port serves in Evpn Route-Server mode. Only effective when attachment type is PARENT and the logical-port is attached to vRouter VM. items: type: string maxItems: 1000 minItems: 0 title: |- Evpn tenant VLAN IDs the Parent logical-port serves. type: array hyperbus_mode: default: DISABLE description: |- Flag to indicate if hyperbus configuration is required. enum: - ENABLE - DISABLE title: |- Hyperbus mode type: string id: description: |- VIF UUID on NSX Manager. If the attachement type is PARENT, this property is required. title: |- Port attachment ID type: string traffic_tag: description: | Not valid when type field is INDEPENDENT, mainly used to identify traffic from different ports in container use case. format: int64 type: integer type: description: |- Type of port attachment. STATIC is added to replace INDEPENDENT. INDEPENDENT type and PARENT type are deprecated. enum: - PARENT - CHILD - INDEPENDENT - STATIC title: |- Attachement type type: string title: |- Attachment information on the port type: object x-vmw-nsx-module: PolicyConnectivity PortDiscoveryProfileBindingMap: allOf: - $ref: '#/definitions/DiscoveryProfileBindingMap' - properties: ip_discovery_profile_path: description: |- PolicyPath of associated IP Discovery Profile title: |- IP Discovery Profile Path type: string mac_discovery_profile_path: description: |- PolicyPath of associated Mac Discovery Profile title: |- Mac Discovery Profile Path type: string type: object x-vmw-nsx-module: PolicyDiscoveryProfileBinding description: | This entity will be used to establish association between discovery profile and Port. Using this entity, user can specify intent for applying discovery profile to particular Port. Port here is Logical Port. title: |- Port Discovery Profile binding map x-vmw-nsx-module: PolicyDiscoveryProfileBinding PortDiscoveryProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Port Discovery Profile Binding Map list results items: $ref: '#/definitions/PortDiscoveryProfileBindingMap' title: |- Port Discovery Profile Binding Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyDiscoveryProfileBinding description: |- Paged collection of Port Discovery Profile Binding Maps title: |- Paged collection of Port Discovery Profile Binding Maps x-vmw-nsx-module: PolicyDiscoveryProfileBinding PortMirrorFilter: properties: destination_ips: $ref: '#/definitions/IPAddresses' destination_ports: description: |- Destination port in the form of a port or port range, used to match the destination port of a packet. If not provided, no filtering by destination port is performed. format: port-or-range type: string protocol: description: |- The transport protocols of TCP or UDP, used to match the transport protocol of a packet. If not provided, no filtering by IP protocols is performed. enum: - TCP - UDP title: |- The protocol used to filter packets. type: string source_ips: $ref: '#/definitions/IPAddresses' source_ports: description: |- Source port in the form of a port or port range, used to match the source port of a packet. If not provided, no filtering by source port is performed. format: port-or-range type: string type: object x-vmw-nsx-module: PolicyPortMirroring PortMirroringInstance: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: destination_group: description: | Data from source group will be copied to members of destination group. title: |- Destination group path type: string direction: description: |- Port mirroring instance direction enum: - INGRESS - EGRESS - BIDIRECTIONAL title: |- Direction type: string snap_length: description: | If this property is set, the packet will be truncated to the provided length. If this property is unset, entire packet will be mirrored. format: int32 maximum: 65535 minimum: 60 title: |- Maximum packet length for packet truncation type: integer required: - destination_group type: object x-vmw-nsx-module: PolicyOperations description: |- Mirrors Data from source to destination title: |- Mirrors Data from source to destination x-vmw-nsx-module: PolicyOperations PortMirroringInstanceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Port Mirroring Instances list results items: $ref: '#/definitions/PortMirroringInstance' title: |- Port Mirroring Instances list results type: array required: - results type: object x-vmw-nsx-module: PolicyOperations description: |- Paged collection of port mirroring instances title: |- Paged collection of port mirroring instances x-vmw-nsx-module: PolicyOperations PortMirroringProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: destination_group: description: | Data from source group will be copied to members of destination group. Only IPSET group and group with membership criteria VM is supported. IPSET group allows only three ip's. title: |- Destination group path type: string direction: default: BIDIRECTIONAL description: |- Port mirroring profile direction enum: - INGRESS - EGRESS - BIDIRECTIONAL title: |- Direction type: string encapsulation_type: default: GRE description: |- User can provide Mirror Destination type e.g GRE, ERSPAN_TWO or ERSPAN_THREE.If profile type is REMOTE_L3_SPAN, encapsulation type is used else ignored. enum: - GRE - ERSPAN_TWO - ERSPAN_THREE title: |- Mirror Destination encapsulation type type: string erspan_id: default: 0 description: | Used by physical switch for the mirror traffic forwarding. Must be provided and only effective when encapsulation type is ERSPAN type II or type III. format: int32 maximum: 1023 minimum: 0 title: |- ERSPAN session id type: integer filter_action: default: INCLUDE description: | If set to INCLUDE, packets matching all filters will be mirrored. If set to EXCLUDE, packets NOT matching any filters will be mirrored. enum: - INCLUDE - EXCLUDE title: |- Action to include or exclude traffic for all filter in port_mirroring_filters type: string gre_key: default: 0 description: |- User-configurable 32-bit key only for GRE format: int32 minimum: 0 title: |- GRE encapsulation key type: integer port_mirroring_filters: description: |- An array of 5-tuples used to filter packets for the mirror session. If not provided, all the packets will be mirrored. This field is with filter_action which defines whether packets matching the filter will be included or excluded items: $ref: '#/definitions/PortMirrorFilter' maxItems: 1 minItems: 0 title: |- Port mirroring filter type: array profile_type: default: REMOTE_L3_SPAN description: |- Allows user to select type of port mirroring session. enum: - REMOTE_L3_SPAN - LOGICAL_SPAN type: string snap_length: description: | If this property is set, the packet will be truncated to the provided length. If this property is unset, entire packet will be mirrored. format: int32 maximum: 65535 minimum: 60 title: |- Maximum packet length for packet truncation type: integer tcp_ip_stack: default: Default description: |- User can provide Mirror stack or Default stack to send mirror traffic. If profile type is REMOTE_L3_SPAN, tcp_ip_stack type is used else ignored. enum: - Default - Mirror title: |- Mirror Destination encapsulation type type: string required: - destination_group type: object x-vmw-nsx-module: PolicyPortMirroring description: |- Mirrors Data from source to destination title: |- Mirrors Data from source to destination x-vmw-nsx-module: PolicyPortMirroring PortMirroringProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Port Mirroring Profiles list results items: $ref: '#/definitions/PortMirroringProfile' title: |- Port Mirroring Profiles list results type: array required: - results type: object x-vmw-nsx-module: PolicyPortMirroring description: |- Paged collection of port mirroring profiles title: |- Paged collection of port mirroring profiles x-vmw-nsx-module: PolicyPortMirroring PortMonitoringProfileBindingMap: allOf: - $ref: '#/definitions/MonitoringProfileBindingMap' - properties: ipfix_l2_profile_path: description: |- PolicyPath of associated IPFIX L2 Profile title: |- IPFIX L2 Profile Path type: string port_mirroring_profile_path: description: |- PolicyPath of associated Port Mirroring Profile title: |- Port Mirroring Profile Path type: string type: object x-vmw-nsx-module: PolicyMonitoringProfileBinding description: | This entity will be used to establish association between monitoring profile and Port. Using this entity, user can specify intent for applying monitoring profile to particular Port. Port here is Segment Port. title: |- Port Monitoring Profile binding map x-vmw-nsx-module: PolicyMonitoringProfileBinding PortMonitoringProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Port Monitoring Profile Binding Map list results items: $ref: '#/definitions/PortMonitoringProfileBindingMap' title: |- Port Monitoring Profile Binding Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyMonitoringProfileBinding description: |- Paged collection of Port Monitoring Profile Binding Maps title: |- Paged collection of Port Monitoring Profile Binding Maps x-vmw-nsx-module: PolicyMonitoringProfileBinding PortQoSProfileBindingMap: allOf: - $ref: '#/definitions/QoSProfileBindingMap' - properties: qos_profile_path: description: |- PolicyPath of associated QoS Profile title: |- QoS Profile Path type: string type: object x-vmw-nsx-module: PolicyQoSProfileBinding description: | This entity will be used to establish association between qos profile and Port. Using this entity, you can specify intent for applying qos profile to particular Port. Port here is Segment Port. title: |- Port QoS Profile binding map x-vmw-nsx-module: PolicyQoSProfileBinding PortQoSProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Port QoS Profile Binding Map list results items: $ref: '#/definitions/PortQoSProfileBindingMap' title: |- Port QoS Profile Binding Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyQoSProfileBinding description: |- Paged collection of Port QoS Profile Binding Maps title: |- Paged collection of Port QoS Profile Binding Maps x-vmw-nsx-module: PolicyQoSProfileBinding PortSecurityProfileBindingMap: allOf: - $ref: '#/definitions/SecurityProfileBindingMap' - properties: segment_security_profile_path: description: |- The policy path of the asscociated Segment Security profile title: |- Segment Security Profile Path type: string spoofguard_profile_path: description: |- The policy path of the asscociated SpoofGuard profile title: |- SpoofGuard Profile Path type: string type: object x-vmw-nsx-module: PolicySecurityProfileBinding description: | Contains the binding relationship between port and security profile. title: |- Security profile binding map for port x-vmw-nsx-module: PolicySecurityProfileBinding PortSecurityProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Port security profile binding map list results items: $ref: '#/definitions/PortSecurityProfileBindingMap' title: |- Port security profile binding map list results type: array required: - results type: object x-vmw-nsx-module: PolicySecurityProfileBinding description: |- Paged collection of port security profile binding maps title: |- Paged collection of port security profile binding maps x-vmw-nsx-module: PolicySecurityProfileBinding PrecheckParameters: description: |- Parameters for nvds upgrade precheck properties: cluster_ids: description: |- Cluster ID list for nvds upgrade precheck items: type: string readOnly: true title: |- Cluster ID list for nvds upgrade precheck type: array title: |- Parameters for nvds upgrade precheck type: object x-vmw-nsx-module: NvdsUpgradeReadinessCheck PreconfiguredEndpoint: description: |- Tunnel endpoint configuration of preconfigured host switch properties: device_name: description: |- Name of the virtual tunnel endpoint readOnly: false title: |- Name of the virtual tunnel endpoint type: string required: - device_name title: |- Tunnel endpoint configuration of preconfigured host switch type: object x-vmw-nsx-module: TransportNode PreconfiguredHostSwitch: description: |- Preconfigured host switch is used for manually configured transport node. properties: endpoints: description: |- List of virtual tunnel endpoints which are preconfigured on this host switch items: $ref: '#/definitions/PreconfiguredEndpoint' maxItems: 1 title: |- List of virtual tunnel endpoints which are preconfigured on this host switch type: array host_switch_id: description: |- External Id of the preconfigured host switch. readOnly: false title: |- External Id of the preconfigured host switch. type: string transport_zone_endpoints: description: |- List of TransportZones that are to be associated with specified host switch. items: $ref: '#/definitions/TransportZoneEndPoint' readOnly: false title: |- Transport zone endpoints. type: array required: - host_switch_id title: |- Preconfigured host switch type: object x-vmw-nsx-module: TransportNode PreconfiguredHostSwitchSpec: allOf: - $ref: '#/definitions/HostSwitchSpec' - properties: host_switches: description: |- Preconfigured Transport Node host switches items: $ref: '#/definitions/PreconfiguredHostSwitch' maxItems: 1 title: |- Preconfigured Transport Node host switches type: array required: - host_switches type: object x-vmw-nsx-module: TransportNode description: |- Preconfigured host switch specification is used for manually configured transport node. It is user's responsibility to ensure correct configuration is provided to NSX. This type is only valid for supported KVM fabric nodes. title: |- Specification of transport node preconfigured host switch x-vmw-nsx-module: TransportNode PrefixEntry: description: |- Network prefix entry properties: action: default: PERMIT description: | Action for the prefix list. enum: - PERMIT - DENY title: |- Action for the prefix list type: string ge: description: | Prefix length greater than or equal to. format: int32 maximum: 128 minimum: 1 title: |- Prefix length greater than or equal to type: integer le: description: | Prefix length less than or equal to. format: int32 maximum: 128 minimum: 1 title: |- Prefix length less than or equal to type: integer network: description: | Network prefix in CIDR format. "ANY" matches all networks. title: |- Network prefix in CIDR format type: string required: - network title: |- Network prefix entry type: object x-vmw-nsx-module: PolicyConnectivity PrefixList: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: prefixes: description: | Specify ordered list of network prefixes. items: $ref: '#/definitions/PrefixEntry' minItems: 1 title: |- Ordered list of network prefixes type: array required: - prefixes type: object x-vmw-nsx-module: PolicyConnectivity description: |- A named list of prefixes for routing purposes. title: |- A named list of prefixes for routing purposes x-vmw-nsx-module: PolicyConnectivity PrefixListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- PrefixList results items: $ref: '#/definitions/PrefixList' title: |- PrefixList results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of PrefixLists title: |- Paged collection of PrefixLists x-vmw-nsx-module: PolicyConnectivity Principal: properties: attributes: description: |- Attribute list. items: $ref: '#/definitions/KeyValue' readOnly: false type: array required: - attributes type: object x-vmw-nsx-module: CertificateManager ProcessInformation: description: | Describes a process detail informaiton. properties: command: description: |- Display the command line used to start the process. title: |- Display process command type: string cpu_usage: description: | The process's share of the elapsed CPU time since the last screen update, expressed as a percentage of total CPU time. title: |- CPU usage type: number memory_usage: description: | A process's currently used share of available physical memory. title: |- Memory usage type: number nice_value: description: | A negative nice value means higher priority, whereas a positive nice value means lower priority. Zero in this field simply means priority will not be adjusted in determining a process's dispatch-ability. title: |- The nice value of the process type: string process_id: description: |- Display the process id. title: |- Process id type: string resident_memory_size: description: |- The non-swapped physical memoery a task is using. title: |- Resident Memory Size (MB) type: number shared_memory_size: description: | The amount of shared memory available to a process, not all of which is typically resident. It simply reflects memory that could be potentially shared with other processes. title: |- Shared Memory Size (MB) type: number user: description: |- Display the process user. title: |- Process user type: string virtual_memory_size: description: | The total amount of virtual memory used by the process. It includes all code, data and shared libraries plus pages that have been swapped out and pages that have been mapped but not used. title: |- Virtual Memory Size (MB) type: number title: |- Process information type: object x-vmw-nsx-module: ShaApplianceMonitor ProfileBindingMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: profile_path: description: |- PolicyPath of associated Profile title: |- Profile Path type: string required: - profile_path type: object x-vmw-nsx-module: PolicyProfile description: | This entity will be used to establish association between profile and policy entities. title: |- Policy base profile binding map x-vmw-nsx-module: PolicyProfile PropertyItem: description: |- Represents a label-value pair. properties: condition: description: |- If the condition is met then the property will be displayed. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API. maxLength: 1024 title: |- Expression for evaluating condition type: string drilldown_id: description: |- Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. title: |- Id of drilldown widget type: string field: description: |- Represents field value of the property. maxLength: 1024 title: |- Field of the Property type: string heading: default: false description: |- Set to true if the field is a heading. Default is false. title: |- If true, represents the field as a heading type: boolean label: $ref: '#/definitions/Label' label_value_separator: description: |- Label value separator used between label and value. It can be any separator like ":" or "-". title: |- Labale value separator used between label and value type: string navigation: description: |- Hyperlink of the specified UI page that provides details. This will be linked with value of the property. maxLength: 1024 title: |- Navigation to a specified UI page type: string render_configuration: description: |- Render configuration to be applied, if any. items: $ref: '#/definitions/RenderConfiguration' title: |- Render Configuration type: array rowspan: description: |- Represent the vertical span of the widget / container format: int32 minimum: 1 title: |- Vertical span type: integer separator: default: false description: |- If true, separates this property in a widget. title: |- A separator after this property type: boolean span: description: |- Represent the horizontal span of the widget / container. format: int32 maximum: 12 minimum: 1 title: |- Horizontal span type: integer style: description: |- A style object applicable for the property item. It could be the any padding, margin style sheet applicable to the property item. A 'style' property is supported in case of layout 'AUTO' only. title: |- A Style object applicable for the Property Item type: object type: default: String description: |- Data type of the field. enum: - String - Number - Date - Url maxLength: 255 title: |- field data type type: string required: - field - type title: |- LabelValue Property type: object x-vmw-nsx-module: NsxDashboard QoSBaseRateLimiter: description: |- A Limiter configuration entry that specifies type and metrics discriminator: resource_type properties: enabled: type: boolean resource_type: description: | Type rate limiter enum: - IngressRateLimiter - IngressBroadcastRateLimiter - EgressRateLimiter type: string required: - enabled - resource_type title: |- A Limiter configuration entry that specifies type and metrics type: object x-vmw-nsx-module: PolicyQoS QoSDscp: description: |- Dscp value is ignored in case of 'TRUSTED' DscpTrustMode. properties: mode: description: | When you select the Trusted mode the inner header DSCP value is applied to the outer IP header for IP/IPv6 traffic. For non IP/IPv6 traffic, the outer IP header takes the default value.Untrusted mode is supported on overlay-based and VLAN-based logical port. enum: - TRUSTED - UNTRUSTED type: string priority: default: 0 description: |- Internal Forwarding Priority format: int32 maximum: 63 minimum: 0 title: |- Internal Forwarding Priority type: integer title: |- One of QoS or Encapsulated-Remote-Switched-Port-Analyzer type: object x-vmw-nsx-module: PolicyQoS QoSProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: class_of_service: default: 0 description: | Class of service groups similar types of traffic in the network and each type of traffic is treated as a class with its own level of service priority. The lower priority traffic is slowed down or in some cases dropped to provide better throughput for higher priority traffic. format: int32 maximum: 7 minimum: 0 title: |- Class of service type: integer dscp: $ref: '#/definitions/QoSDscp' shaper_configurations: description: |- Array of Rate limiter configurations to applied on Segment or Port. items: $ref: '#/definitions/QoSBaseRateLimiter' maxItems: 3 minItems: 0 type: array type: object x-vmw-nsx-module: PolicyQoS x-vmw-nsx-module: PolicyQoS QoSProfileBindingMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - type: object x-vmw-nsx-module: PolicyQoSProfileBinding description: |- Base QoS Profile Binding Map title: |- Base QoS Profile Binding Map x-vmw-nsx-module: PolicyQoSProfileBinding QoSProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- QoS profiles list results items: $ref: '#/definitions/QoSProfile' title: |- QoS profiles list results type: array required: - results type: object x-vmw-nsx-module: PolicyQoS description: |- Paged collection of QoS profiles title: |- Paged collection of QoS profiles x-vmw-nsx-module: PolicyQoS RAConfig: properties: hop_limit: default: 64 description: | The maximum number of hops through which packets can pass before being discarded. format: int64 maximum: 255 minimum: 0 title: |- Hop limit type: integer prefix_lifetime: default: 2592000 description: | The time interval in seconds, in which the prefix is advertised as valid. format: int64 maximum: 4294967295 minimum: 0 title: |- Lifetime of prefix type: integer prefix_preferred_time: default: 604800 description: | The time interval in seconds, in which the prefix is advertised as preferred. format: int64 maximum: 4294967295 minimum: 0 title: |- Prefix preferred time type: integer ra_interval: default: 600 description: | Interval between 2 Router advertisement in seconds. format: int64 maximum: 1800 minimum: 4 title: |- RA interval type: integer router_lifetime: default: 1800 description: | Router lifetime value in seconds. A value of 0 indicates the router is not a default router for the receiving end. Any other value in this field specifies the lifetime, in seconds, associated with this router as a default router. format: int64 maximum: 65520 minimum: 0 title: |- Lifetime of router type: integer router_preference: default: MEDIUM description: | NDRA Router preference value with MEDIUM as default. If the router_lifetime is 0, the preference must be set to MEDIUM. enum: - LOW - MEDIUM - HIGH - RESERVED type: string type: object x-vmw-nsx-module: Routing RaDNSConfig: properties: dns_server: description: | DNS server. items: description: |- IPv6 address format: ipv6 type: string maxItems: 8 title: |- DNS server type: array dns_server_lifetime: default: 1800000 description: |- Lifetime of DNS server in milliseconds format: int64 maximum: 4294967295 minimum: 0 title: |- Lifetime of DNS server in milliseconds type: integer domain_name: description: | Domain name in RA message. items: type: string maxItems: 8 title: |- Domain name type: array domain_name_lifetime: default: 1800000 description: |- Lifetime of Domain names in milliseconds format: int64 maximum: 4294967295 minimum: 0 title: |- Lifetime of Domain names in milliseconds type: integer type: object x-vmw-nsx-module: Routing Reaction: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: actions: description: | Actions that need to be taken when the events occur. These actions must appear in the order that they need to be taken in. This field can be interpreted as the HOW of the Reaction, or simply as "Then That". items: $ref: '#/definitions/Action' maxItems: 1 minItems: 1 title: |- Reaction Actions type: array events: description: | Events that provide contextual variables about what the reaction should react to. This field can be interpreted as the WHAT of the Reaction, or simply as "If This" Clause. items: $ref: '#/definitions/Event' maxItems: 1 minItems: 1 title: |- Reaction Events type: array required: - events - actions type: object x-vmw-nsx-module: PolicyReaction description: | Reaction represents a programmable entity which encapsulates the events and the actions in response to the events, or simply "If This Then That". title: |- Reaction x-vmw-nsx-module: PolicyReaction ReactionListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Reaction list results. items: $ref: '#/definitions/Reaction' title: |- Reaction list results type: array required: - results type: object x-vmw-nsx-module: PolicyReaction description: |- Paged Collection of Reactions. title: |- Paged Collection of Reactions x-vmw-nsx-module: PolicyReaction RealizedEnforcementPoint: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: realized_firewalls: $ref: '#/definitions/RealizedFirewalls' realized_groups: $ref: '#/definitions/RealizedGroups' realized_services: $ref: '#/definitions/RealizedServices' type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized Enforcement Point title: |- Realized Enforcement Point x-vmw-nsx-module: PolicyRealizedState RealizedEnforcementPointListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of Enforcement Point's items: $ref: '#/definitions/RealizedEnforcementPoint' title: |- Paged Collection of Enforcement Point's type: array type: object x-vmw-nsx-module: PolicyRealizedState x-vmw-nsx-module: PolicyRealizedState RealizedFirewall: allOf: - $ref: '#/definitions/PolicyRealizedResource' - discriminator: resource_type properties: resource_type: enum: - RealizedFirewallSection type: string required: - resource_type type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized firewall title: |- Realized firewall x-vmw-nsx-module: PolicyRealizedState RealizedFirewallRule: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: action: description: |- Action enforced on the packets which matches the firewall rule. enum: - ALLOW - DROP - REJECT readOnly: true title: |- Action type: string destinations: description: |- List of the destinations. Null will be treated as any. items: $ref: '#/definitions/ResourceReference' maxItems: 128 readOnly: true title: |- Destination List type: array direction: default: IN_OUT description: |- Rule direction in case of stateless firewall rules. This will only considered if section level parameter is set to stateless. Default to IN_OUT if not specified. enum: - IN - OUT - IN_OUT readOnly: true title: |- Rule direction type: string disabled: description: |- Flag to disable rule. Disabled will only be persisted but never provisioned/realized. readOnly: true title: |- Rule enable/disable flag type: boolean services: description: |- List of the services. Null will be treated as any. items: $ref: '#/definitions/ResourceReference' maxItems: 128 readOnly: true title: |- Service List type: array sources: description: |- List of sources. Null will be treated as any. items: $ref: '#/definitions/ResourceReference' maxItems: 128 readOnly: true title: |- Source List type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized Firewall Rule title: |- Realized Firewall Rule x-vmw-nsx-module: PolicyRealizedState RealizedFirewallSection: allOf: - $ref: '#/definitions/RealizedFirewall' - properties: rule_count: description: |- Number of rules in this section. format: int64 readOnly: true title: |- Rule count type: integer rules: description: |- List of firewall rules in the section. items: $ref: '#/definitions/RealizedFirewallRule' readOnly: true title: |- List of the firewall rules type: array section_type: description: |- Type of the rules which a section can contain. enum: - LAYER2 - LAYER3 readOnly: true title: |- Section Type type: string type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized Firewall section title: |- Realized Firewall section x-vmw-nsx-module: PolicyRealizedState RealizedFirewallSectionListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of firewall sections items: $ref: '#/definitions/RealizedFirewallSection' readOnly: true title: |- Paged Collection of firewall sections type: array type: object x-vmw-nsx-module: PolicyRealizedState x-vmw-nsx-module: PolicyRealizedState RealizedFirewalls: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: realized_firewalls: description: |- list of realized firewalls items: $ref: '#/definitions/RealizedFirewall' readOnly: true title: |- list of realized firewalls type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized firewalls title: |- Realized firewalls x-vmw-nsx-module: PolicyRealizedState RealizedGroup: allOf: - $ref: '#/definitions/PolicyRealizedResource' - discriminator: resource_type properties: resource_type: enum: - RealizedNSGroup - RealizedSecurityGroup type: string required: - resource_type type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized group title: |- Realized group x-vmw-nsx-module: PolicyRealizedState RealizedGroups: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: realized_groups: description: |- list of realized groups items: $ref: '#/definitions/RealizedGroup' readOnly: true title: |- list of realized groups type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized groups title: |- Realized groups x-vmw-nsx-module: PolicyRealizedState RealizedLogicalPort: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: logical_port_id: description: |- The id of the logical port readOnly: true title: |- The id of the logical port type: string status: description: |- The Operational status of the logical port enum: - UP - DOWN - UNKNOWN readOnly: true title: |- The Operational status of the logical port type: string type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized Logical Port title: |- Realized Logical Port x-vmw-nsx-module: PolicyRealizedState RealizedLogicalSwitch: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: logical_switch_id: description: |- Id of the logical switch readOnly: true title: |- Id of the logical switch type: string transport_zone_id: description: |- Transport zone identifier readOnly: true title: |- Transport zone identifier type: string type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized Logical Switch title: |- Realized Logical Switch x-vmw-nsx-module: PolicyRealizedState RealizedNSGroup: allOf: - $ref: '#/definitions/RealizedGroup' - properties: evaluations: description: | Reference to the evaluated members of the NSGroup. items: $ref: '#/definitions/RealizedNSGroupMemberEvaluation' maxItems: 500 readOnly: true title: |- Evaluated members of NSGroup type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized Network and Security Group title: |- Realized Network and Security Group x-vmw-nsx-module: PolicyRealizedState RealizedNSGroupMemberEvaluation: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: logical_ports: description: |- list of logical ports items: $ref: '#/definitions/RealizedLogicalPort' readOnly: true title: |- list of logical ports type: array logical_switches: description: |- list of logical switches items: $ref: '#/definitions/RealizedLogicalSwitch' readOnly: true title: |- list of logical switches type: array member_count: description: |- Count of the members added to this NSGroup format: int64 readOnly: true title: |- Count of the members added to this NSGroup type: integer virtual_machines: description: |- list of virtual machines items: $ref: '#/definitions/RealizedVirtualMachine' readOnly: true title: |- list of virtual machines type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized NSGroup member evaluation title: |- Realized NSGroup member evaluation x-vmw-nsx-module: PolicyRealizedState RealizedNSService: allOf: - $ref: '#/definitions/RealizedService' - properties: service_type: description: |- Realized nsservice type enum: - SERVICE - SERVICE_GROUP readOnly: true title: |- Realized nsservice type type: string type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized NSService title: |- Realized NSService x-vmw-nsx-module: PolicyRealizedState RealizedSecurityGroup: allOf: - $ref: '#/definitions/RealizedGroup' - properties: evaluations: description: | Reference to the evaluted members of the Security Group. items: $ref: '#/definitions/RealizedSecurityGroupMemberEvaluation' maxItems: 500 readOnly: true title: |- Evaluated members of Security Group type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized Network and Security Group title: |- Realized Network and Security Group x-vmw-nsx-module: PolicyRealizedState RealizedSecurityGroupListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of realized Security Groups items: $ref: '#/definitions/RealizedSecurityGroup' readOnly: true title: |- Paged Collection of realized Security Groups type: array type: object x-vmw-nsx-module: PolicyRealizedState x-vmw-nsx-module: PolicyRealizedState RealizedSecurityGroupMemberEvaluation: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: member_count: description: |- Count of the members added to this Security Group format: int64 readOnly: true title: |- Count of the members added to this Security Group type: integer virtual_machines: description: |- list of virtual machines items: $ref: '#/definitions/RealizedVirtualMachine' readOnly: true title: |- list of virtual machines type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized Security Group member evaluation title: |- Realized Security Group member evaluation x-vmw-nsx-module: PolicyRealizedState RealizedService: allOf: - $ref: '#/definitions/PolicyRealizedResource' - discriminator: resource_type properties: resource_type: description: |- Realized services enum: - RealizedNSService title: |- Realized services type: string required: - resource_type type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized Service title: |- Realized Service x-vmw-nsx-module: PolicyRealizedState RealizedServices: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: realized_services: description: |- List of realized services items: $ref: '#/definitions/RealizedService' readOnly: true title: |- List of realized services type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized services title: |- Realized services x-vmw-nsx-module: PolicyRealizedState RealizedVirtualMachine: allOf: - $ref: '#/definitions/PolicyRealizedResource' - properties: compute_ids: description: |- List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx'] items: type: string readOnly: true title: |- List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx'] type: array host_id: description: |- Id of the host on which the vm exists. readOnly: true title: |- Id of the host on which the vm exists. type: string local_id_on_host: description: |- Id of the vm unique within the host. readOnly: true title: |- Id of the vm unique within the host. type: string power_state: description: |- Current power state of this virtual machine in the system. enum: - VM_RUNNING - VM_STOPPED - VM_SUSPENDED - UNKNOWN readOnly: true title: |- Current power state of this virtual machine in the system. type: string type: object x-vmw-nsx-module: PolicyRealizedState description: |- Realized Virtual Machine title: |- Realized Virtual Machine x-vmw-nsx-module: PolicyRealizedState RealizedVirtualMachineListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of VMs items: $ref: '#/definitions/RealizedVirtualMachine' title: |- Paged Collection of VMs type: array type: object x-vmw-nsx-module: PolicyGroupStatistics x-vmw-nsx-module: PolicyGroupStatistics RecommendedFeaturePermission: description: |- Recommended Feature Permission properties: recommended_permissions: description: |- Permission items: type: string title: |- Permission type: array src_features: description: |- List of source features items: type: string title: |- List of source features type: array target_feature: description: |- Feature title: |- Feature type: string required: - src_features - target_feature - recommended_permissions title: |- Recommended Feature Permission type: object x-vmw-nsx-module: AAA RecommendedFeaturePermissionListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List results items: $ref: '#/definitions/RecommendedFeaturePermission' title: |- List results type: array required: - results type: object x-vmw-nsx-module: AAA x-vmw-nsx-module: AAA RedirectionPolicy: allOf: - $ref: '#/definitions/Policy' - properties: north_south: description: | This is the read only flag which will state the direction of this | redirection policy. True denotes that it is NORTH-SOUTH and false | value means it is an EAST-WEST redirection policy. readOnly: true title: |- Flag to denote whether it is north south policy type: boolean redirect_to: description: | Paths to which traffic will be redirected to. As of now, only 1 is | supported. Paths allowed are | 1. Policy Service Instance | 2. Service Instance Endpoint | 3. Virtual Endpoint | 4. Policy Service Chain items: type: string maxItems: 1 title: |- List of redirect to target paths type: array rules: description: | Redirection rules that are a part of this RedirectionPolicy. At max, there can be 1000 rules in a given RedirectPolicy. items: $ref: '#/definitions/RedirectionRule' maxItems: 1000 title: |- Redirection rules that are a part of this RedirectionPolicy type: array type: object x-vmw-nsx-module: PolicyServiceInsertion description: | Ordered list of rules long with the path of PolicyServiceInstance to which the traffic needs to be redirected. | Please note that the scope property must be provided for NS redirection | policy if redirect to is a service chain. For NS, when redirect to is not | to the service chain, and scope is specified on RedirectionPolicy, it | will be ignored. The scope will be determined from redirect to path | instead. For EW policy, scope must not be supplied in the request. | Path to either Tier0 or Tier1 is allowed as the scope. Only 1 path | can be specified as a scope. | Also, note that, if stateful flag is not sent, it will be treated as true. If statelessness is intended, false must be sent explicitly as the value | for stateful field. title: | Contains ordered list of rules and path to PolicyServiceInstance x-vmw-nsx-module: PolicyServiceInsertion RedirectionPolicyListResult: allOf: - $ref: '#/definitions/PolicyListResult' - properties: results: description: |- Redirection policy list results items: $ref: '#/definitions/RedirectionPolicy' title: |- Redirection policy list results type: array required: - results type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Paged Collection of Redirection Policies title: |- Paged Collection of Redirection Policies x-vmw-nsx-module: PolicyServiceInsertion RedirectionRule: allOf: - $ref: '#/definitions/BaseRule' - properties: action: description: | The action to be applied to all the services enum: - REDIRECT - DO_NOT_REDIRECT title: |- Action type: string type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- It define redirection rule for service insertion title: |- It define redirection rule for service insertion x-vmw-nsx-module: PolicyServiceInsertion RedirectionRuleListResult: allOf: - $ref: '#/definitions/BaseRuleListResult' - properties: results: description: |- RedirectionRule list results items: $ref: '#/definitions/RedirectionRule' title: |- RedirectionRule list results type: array required: - results type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Paged Collection of RedirectionRules title: |- Paged Collection of RedirectionRules x-vmw-nsx-module: PolicyServiceInsertion RegistrationToken: description: |- Appliance registration access token properties: roles: description: |- List results items: type: string title: |- List results type: array token: description: |- Access token title: |- Access token type: string user: description: |- User delegated by token title: |- User delegated by token type: string required: - roles title: |- Appliance registration access token type: object x-vmw-nsx-module: RegistrationTokenEndPoint RelatedApiError: description: |- Detailed information about a related API error properties: details: description: |- Further details about the error title: |- Further details about the error type: string error_code: description: |- A numeric error code format: int64 title: |- A numeric error code type: integer error_data: description: |- Additional data about the error title: |- Additional data about the error type: object error_message: description: |- A description of the error title: |- A description of the error type: string module_name: description: |- The module name where the error occurred title: |- The module name where the error occurred type: string title: |- Detailed information about a related API error type: object x-vmw-nsx-module: Common RelatedAttribute: description: | Related attribute on the target resource for conditional constraints based on related attribute value. Example - destinationGroups/service/action is related attribute of sourceGroups in communcation entry. properties: attribute: description: |- Related attribute name on the target entity. title: |- Related attribute name on the target entity. type: string required: - attribute title: |- Related attribute details. type: object x-vmw-nsx-module: PolicyConstraints RelatedAttributeConditionalExpression: allOf: - $ref: '#/definitions/ConstraintExpression' - properties: condition: $ref: '#/definitions/ConditionalValueConstraintExpression' related_attribute: $ref: '#/definitions/RelatedAttribute' required: - related_attribute - condition type: object x-vmw-nsx-module: PolicyConstraints description: | Represents the leaf level type expression to express constraint as value of realted attribute to the target. Example - Constraint traget attribute 'X' (example in Constraint), if destinationGroups contains 'vCeneter' then allow only values "HTTPS", "HTTP" for attribute X. { "target":{ "target_resource_type":"CommunicationEntry", "attribute":"services", "path_prefix": "/infra/domains/{{DOMAIN}}/edge-communication-maps/default/communication-entries/" }, "constraint_expression": { "resource_type": "RelatedAttributeConditionalExpression", "related_attribute":{ "attribute":"destinationGroups" }, "condition" : { "operator":"INCLUDES", "rhs_value": ["/infra/domains/mgw/groups/VCENTER"], "value_constraint": { "resource_type": "ValueConstraintExpression", "operator":"INCLUDES", "values":["/infra/services/HTTP", "/infra/services/HTTPS"] } } } } title: | Represents the leaf level type expression to express constraint as value of realted attribute to the target. Uses ConditionalValueConstraintExpression to constrain the target value based on the related attribute value on the same resource. x-vmw-nsx-module: PolicyConstraints RemoteFileServer: description: |- Remote file server properties: directory_path: description: |- Remote server directory to copy bundle files to title: |- Remote server directory to copy bundle files to type: string port: default: 22 description: |- Server port format: int64 maximum: 65535 minimum: 1 title: |- Server port type: integer protocol: $ref: '#/definitions/FileTransferProtocol' server: description: |- Remote server hostname or IP address format: hostname-or-ip title: |- Remote server hostname or IP address type: string required: - directory_path - protocol - server title: |- Remote file server type: object x-vmw-nsx-module: BackupConfiguration RemoteServerFingerprint: description: |- Remote server properties: port: default: 22 description: |- Server port format: int64 maximum: 65535 minimum: 1 title: |- Server port type: integer server: description: |- Remote server hostname or IP address format: hostname-or-ip title: |- Remote server hostname or IP address type: string ssh_fingerprint: description: |- SSH fingerprint of server title: |- SSH fingerprint of server type: string required: - ssh_fingerprint - server title: |- Remote server type: object x-vmw-nsx-module: BackupConfiguration RemoteServerFingerprintRequest: description: |- Remote server properties: port: default: 22 description: |- Server port format: int64 maximum: 65535 minimum: 1 title: |- Server port type: integer server: description: |- Remote server hostname or IP address format: hostname-or-ip title: |- Remote server hostname or IP address type: string required: - server title: |- Remote server type: object x-vmw-nsx-module: BackupConfiguration RemoteTunnelEndpoint: allOf: - $ref: '#/definitions/Endpoint' - properties: vlan: description: |- Vlan id format: int64 readOnly: true type: integer type: object x-vmw-nsx-module: TransportNode description: |- Remote tunnel endpoint title: |- Remote tunnel endpoint x-vmw-nsx-module: TransportNode RemoteTunnelEndpointConfigState: description: |- Remote tunnel endpoint configuration state properties: endpoints: description: |- List of remote tunnel endpoints which are configured on this node items: $ref: '#/definitions/RemoteTunnelEndpoint' readOnly: true title: |- List of remote tunnel endpoints which are configured on this node type: array title: |- Remote tunnel endpoint configuration state type: object x-vmw-nsx-module: TransportNode RenderConfiguration: description: |- Render configuration to be applied to the widget. properties: color: description: |- The color to use when rendering an entity. For example, set color as 'RED' to render a portion of donut in red. title: |- Color of the entity type: string condition: description: |- If the condition is met then the rendering specified for the condition will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API. maxLength: 1024 title: |- Expression for evaluating condition type: string display_value: description: |- If specified, overrides the field value. This can be used to display a meaningful value in situations where field value is not available or not configured. maxLength: 255 title: |- Overridden value to display, if any type: string icons: description: |- Icons to be applied at dashboard for widgets and UI elements. items: $ref: '#/definitions/Icon' minItems: 0 title: |- Icons type: array tooltip: description: |- Multi-line text to be shown on tooltip while hovering over the UI element if the condition is met. items: $ref: '#/definitions/Tooltip' minItems: 0 title: |- Multi-line tooltip type: array title: |- Render Configuration type: object x-vmw-nsx-module: NsxDashboard Resource: description: |- Base class for resources properties: _links: description: |- The server will populate this field when returing the resource. Ignored on PUT and POST. items: $ref: '#/definitions/ResourceLink' readOnly: true title: |- References related to this resource type: array _schema: description: |- Schema for this resource readOnly: true title: |- Schema for this resource type: string _self: $ref: '#/definitions/SelfResourceLink' title: |- Base class for resources type: object x-vmw-nsx-module: Common ResourceAllocation: description: | Specify limit, shares and reservation for all kinds of traffic. Values for limit and reservation are expressed in percentage. And for shares, the value is expressed as a number between 1-100. The overall reservation among all traffic types should not exceed 75%. Otherwise, the API request will be rejected. properties: limit: default: -1.0 description: | The limit property specifies the maximum bandwidth allocation for a given traffic type and is expressed in percentage. The default value for this field is set to -1 which means the traffic is unbounded for the traffic type. All other negative values for this property is not supported and will be rejected by the API. maximum: 100 minimum: -1 title: |- Maximum bandwidth percentage type: number reservation: default: 0.0 description: |- Minimum guaranteed bandwidth percentage maximum: 75 minimum: 0 title: |- Minimum guaranteed bandwidth percentage type: number shares: default: 50 description: |- Shares format: int32 maximum: 100 minimum: 1 title: |- Shares type: integer traffic_type: $ref: '#/definitions/HostInfraTrafficType' required: - reservation - traffic_type - limit - shares title: |- Resource allocation information for a host infrastructure traffic type type: object x-vmw-nsx-module: NiocProfile ResourceFieldPointer: description: |- Resource Field Pointer representing the exact value within a policy object. properties: field_pointer: description: |- Field Pointer referencing the exact field within the policy object. title: |- Field Pointer type: string path: description: | Policy Path referencing a policy object. If not supplied, the field pointer will be applied to the event source. title: |- Resource Path type: string required: - field_pointer title: |- Resource Field Pointer type: object x-vmw-nsx-module: PolicyReaction ResourceInfo: description: | It represents the resource information which could identify resource. properties: resource_ids: description: | It will represent resource identifiers. For example, policy objects will be represented with paths and virtual machine will be represented with external ids. items: type: string title: |- Resource identifiers type: array resource_type: description: | It will represent resource type on which tag bulk operation to be performed. Supported resource type is VirtualMachine. title: |- Resource type type: string required: - resource_ids - resource_type title: |- Represents resources information type: object x-vmw-nsx-module: PolicyTag ResourceInfoListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Resource info list results items: $ref: '#/definitions/PolicyFineTuningResourceInfo' title: |- Resource info list results type: array required: - results type: object x-vmw-nsx-module: PolicyFineTuning description: |- Collection of resource info objects title: |- Collection of resource info objects x-vmw-nsx-module: PolicyFineTuning ResourceLink: description: |- A link to a related resource properties: action: description: |- Optional action readOnly: true title: |- Optional action type: string href: description: |- Link to resource readOnly: true title: |- Link to resource type: string rel: description: |- Custom relation type (follows RFC 5988 where appropriate definitions exist) readOnly: true title: |- Link relation type type: string title: |- A link to a related resource type: object x-vmw-nsx-module: Common ResourceOperation: allOf: - $ref: '#/definitions/Source' - properties: operation_types: description: |- Operation types. items: description: | Resource Operation Type represents a change in state of a resource with regard to the interaction with DAO layer: POST_CREATE: post-create change event. POST_UPDATE: post-update change event. PRE_DELETE: pre-delete change event. enum: - POST_CREATE - POST_UPDATE - PRE_DELETE type: string minItems: 1 title: |- Operation Types type: array resource_pointer: description: | Regex path representing a regex expression on resources. This regex is used to identify the object(s) that is/are the source of the Event. For instance: specifying "Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default" as a source means that ANY resource starting with Lb or ANY resource with "/infra/tier-0s/vmc/ipsec-vpn-services/default" as path would be the source of the event in question. title: |- Resource Pointer type: string required: - resource_pointer - operation_types type: object x-vmw-nsx-module: PolicyReaction description: | Resource Operation is an Event Source that represents a resource that is being changed at very specific points of time, with regard to its interaction with dao layer. title: |- Resource Operation x-vmw-nsx-module: PolicyReaction ResourceReference: description: |- A weak reference to an NSX resource. properties: is_valid: description: |- Will be set to false if the referenced NSX resource has been deleted. readOnly: true title: |- Target validity type: boolean target_display_name: description: |- Display name of the NSX resource. maxLength: 255 readOnly: true title: |- Target display name type: string target_id: description: |- Identifier of the NSX resource. maxLength: 64 readOnly: false title: |- Target ID type: string target_type: description: |- Type of the NSX resource. maxLength: 255 readOnly: false title: |- Target type type: string type: object x-vmw-nsx-module: Common ResourceTagStatus: description: | It represents tag operation status for a resource and details of the failure if any. properties: details: description: |- Details about the error if any title: |- Details about the error if any type: string resource_display_name: description: |- Resource display name title: |- Resource display name type: string resource_id: description: |- Resource id title: |- Resource id type: string tag_status: description: |- Status of tag apply or remove operation enum: - Success - Error title: |- Status of tag apply or remove operation type: string required: - tag_status - resource_id title: |- Tag operation status for a resource type: object x-vmw-nsx-module: PolicyTag ResourceTypeTagStatus: description: | Tag operation status for particular resource type and resource ids. properties: resource_tag_status: description: | List of resources on which tag needs to be applied. items: $ref: '#/definitions/ResourceTagStatus' title: |- List of resources on which tag needs to be applied type: array resource_type: description: |- Resource type title: |- Resource type type: string required: - resource_type title: |- Tag operation status for particular resource type and resource ids. type: object x-vmw-nsx-module: PolicyTag RestoreConfiguration: description: |- Configuration where backup files are stored for restore properties: passphrase: description: |- Passphrase used to encrypt backup files. title: |- Passphrase used to encrypt backup files. type: string remote_file_server: $ref: '#/definitions/RemoteFileServer' required: - remote_file_server title: |- Configuration where backup files are stored for restore type: object x-vmw-nsx-module: BackupConfiguration RestoreStep: description: |- Restore step info properties: description: description: |- Restore step description readOnly: true title: |- Restore step description type: string status: $ref: '#/definitions/PerStepRestoreStatus' step_number: description: |- Restore step number format: int64 readOnly: true title: |- Restore step number type: integer value: description: |- Restore step value readOnly: true title: |- Restore step value type: string title: |- Restore step info type: object x-vmw-nsx-module: ClusterRestore RevisionedResource: allOf: - $ref: '#/definitions/Resource' - properties: _revision: description: |- The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. format: int32 title: |- Generation of this resource config type: integer type: object x-vmw-nsx-module: Common description: |- A base class for types that track revisions title: |- A base class for types that track revisions x-vmw-nsx-module: Common Role: description: |- Role properties: role: description: |- Short identifier for the role. Must be all lower case with no spaces. title: |- Role identifier type: string role_display_name: description: |- A short, human-friendly display name of the role. title: |- Display name for role type: string required: - role title: |- Role type: object x-vmw-nsx-module: AAA RoleBinding: allOf: - $ref: '#/definitions/ManagedResource' - properties: identity_source_id: description: |- The ID of the external identity source that holds the referenced external entity. Currently, only external LDAP and OIDC servers are allowed. title: |- ID of the external identity source type: string identity_source_type: default: VIDM description: |- Identity source type enum: - VIDM - LDAP - OIDC title: |- Identity source type type: string name: description: |- User/Group's name readOnly: true title: |- User/Group's name type: string roles: description: |- The roles of the user. items: $ref: '#/definitions/Role' readOnly: true title: |- Roles type: array stale: description: |- Property 'stale' can be considered to have these values - absent - This type of rolebinding does not support stale property TRUE - Rolebinding is stale in vIDM meaning the user is no longer present in vIDM FALSE - Rolebinding is available in vIDM UNKNOWN - Rolebinding's state of staleness in unknown Once rolebindings become stale, they can be deleted using the API POST /aaa/role-bindings?action=delete_stale_bindings enum: - 'TRUE' - 'FALSE' - UNKNOWN readOnly: true title: |- Stale in vIDM type: string type: description: |- Type enum: - remote_user - remote_group - local_user - principal_identity readOnly: true title: |- Type type: string user_id: description: |- Local user's numeric id on the system. readOnly: true title: |- Local user's numeric id type: string type: object x-vmw-nsx-module: AAA description: |- User/Group's role binding title: |- User/Group's role binding x-vmw-nsx-module: AAA RoleBindingListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List results items: $ref: '#/definitions/RoleBinding' title: |- List results type: array required: - results type: object x-vmw-nsx-module: AAA x-vmw-nsx-module: AAA RoleListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List results items: $ref: '#/definitions/Role' title: |- List results type: array required: - results type: object x-vmw-nsx-module: AAA x-vmw-nsx-module: AAA RoleWithFeatures: allOf: - $ref: '#/definitions/ManagedResource' - properties: features: description: |- Features items: $ref: '#/definitions/FeaturePermission' title: |- Features type: array role: description: |- Short identifier for the role. Must be all lower case with no spaces. readOnly: true title: |- Role identifier type: string required: - features type: object x-vmw-nsx-module: AAA description: |- Role title: |- Role x-vmw-nsx-module: AAA RoleWithFeaturesListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List results items: $ref: '#/definitions/RoleWithFeatures' title: |- List results type: array required: - results type: object x-vmw-nsx-module: AAA x-vmw-nsx-module: AAA RouteAdvertisementRule: description: |- Route advertisement rules and filtering properties: action: default: PERMIT description: | Action to advertise filtered routes to the connected Tier0 gateway. PERMIT: Enables the advertisment DENY: Disables the advertisement enum: - PERMIT - DENY title: |- Action to advertise routes type: string name: description: | Display name should be unique. title: |- Display name for rule type: string prefix_operator: default: GE description: | Prefix operator to filter subnets. GE prefix operator filters all the routes with prefix length greater than or equal to the subnets configured. EQ prefix operator filter all the routes with prefix length equal to the subnets configured. enum: - GE - EQ title: |- Prefix operator to match subnets type: string route_advertisement_types: description: | Enable different types of route advertisements. When not specified, routes to IPSec VPN local-endpoint subnets (TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised. items: description: | Control routes advertised by Tier-1 instance. TIER1_STATIC_ROUTES: Advertise all STATIC routes. TIER1_CONNECTED: Advertise all subnets configured on connected Interfaces and Segments. TIER1_NAT: Advertise all NAT IP addresses. TIER1_LB_VIP: Advertise all Load-balancer VIPs. TIER1_LB_SNAT: Advertise all Loadbalancer SNAT IP addresses. TIER1_DNS_FORWARDER_IP: Advertise DNS forwarder source and listener IPs TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets. enum: - TIER1_STATIC_ROUTES - TIER1_CONNECTED - TIER1_NAT - TIER1_LB_VIP - TIER1_LB_SNAT - TIER1_DNS_FORWARDER_IP - TIER1_IPSEC_LOCAL_ENDPOINT type: string title: |- Enable different types of route advertisements type: array subnets: description: | Network CIDRs to be routed. items: format: ip-cidr-block type: string title: |- Network CIDRs type: array required: - action - name title: |- Route advertisement rules and filtering type: object x-vmw-nsx-module: PolicyConnectivity RouteAggregationEntry: description: |- List of routes to be aggregated properties: prefix: description: |- CIDR of aggregate address format: ip-cidr-block title: |- CIDR of aggregate address type: string summary_only: default: true description: | Send only summarized route. Summarization reduces number of routes advertised by representing multiple related routes with prefix property. title: |- Send only summarized route type: boolean required: - prefix title: |- List of routes to be aggregated type: object x-vmw-nsx-module: PolicyConnectivity RouteBasedIPSecVpnSession: allOf: - $ref: '#/definitions/IPSecVpnSession' - properties: force_whitelisting: default: false description: | If true the default firewall rule Action is set to DROP, otherwise set to ALLOW. This field is deprecated and recommended to change Rule action field. Note that this field is not synchornied with default rule field. title: |- Flag to add default whitelisting Gateway Policy rule for the VTI interface. type: boolean x-deprecated: true tunnel_interfaces: description: |- IP Tunnel interfaces. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided. items: $ref: '#/definitions/IPSecVpnTunnelInterface' maxItems: 1 minItems: 1 title: |- IP Tunnel interfaces type: array type: object x-vmw-nsx-module: PolicyVpnIPSecVpn description: |- A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site. title: |- Route based VPN session x-vmw-nsx-module: PolicyVpnIPSecVpn RouteBasedL3VpnSession: allOf: - $ref: '#/definitions/L3VpnSession' - properties: default_rule_logging: default: false description: | Indicates if logging should be enabled for the default whitelisting rule for the VTI interface. title: |- Enable logging for whitelisted rule for the VTI interface type: boolean force_whitelisting: default: false description: | The default firewall rule Action is set to DROP if true otherwise set to ALLOW. title: |- Flag to add default whitelisting FW rule for the VTI interface. type: boolean routing_config_path: description: | This is a deprecated field. Any specified value is not saved and will be ignored. title: |- Routing configuration policy path type: string x-deprecated: true tunnel_subnets: description: | Virtual tunnel interface (VTI) port IP subnets to be used to configure route-based L3Vpn session. A max of one tunnel subnet is allowed. items: $ref: '#/definitions/TunnelSubnet' maxItems: 1 minItems: 1 title: |- Virtual Tunnel Interface (VTI) IP subnets type: array uniqueItems: true required: - tunnel_subnets type: object x-vmw-nsx-module: PolicyL3Vpn description: | A Route Based L3Vpn is more flexible, more powerful and recommended over policy based. IP Tunnel subnet is created and all traffic routed through tunnel subnet is sent over tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using redundant L3Vpn. title: |- Route based L3Vpn Session x-vmw-nsx-module: PolicyL3Vpn RouteDetails: description: |- BGP route details. properties: as_path: description: |- BGP AS path attribute. readOnly: true title: |- AS path type: string local_pref: description: |- BGP Local Preference attribute. format: int64 readOnly: true title: |- Local preference type: integer med: description: |- BGP Multi Exit Discriminator attribute. format: int64 readOnly: true title: |- Multi Exit Discriminator type: integer network: description: |- CIDR network address. format: ip-cidr-block readOnly: true type: string next_hop: description: |- Next hop IP address. format: ip readOnly: true type: string weight: description: |- BGP Weight attribute. format: int64 readOnly: true title: |- Weight type: integer title: |- BGP route details type: object x-vmw-nsx-module: AggSvcLogicalRouter RouteMapEntry: description: |- Route map entry properties: action: description: | Action for the route map entry enum: - PERMIT - DENY title: |- Action for the route map entry type: string community_list_matches: description: | Community list match criteria for route map. Properties community_list_matches and prefix_list_matches are mutually exclusive and cannot be used in the same route map entry. items: $ref: '#/definitions/CommunityMatchCriteria' title: |- Community list match criteria type: array prefix_list_matches: description: | Prefix list match criteria for route map. Properties community_list_matches and prefix_list_matches are mutually exclusive and cannot be used in the same route map entry. items: type: string maxItems: 500 title: |- Prefix list match criteria type: array set: $ref: '#/definitions/RouteMapEntrySet' required: - action title: |- Route map entry type: object x-vmw-nsx-module: PolicyConnectivity RouteMapEntrySet: description: |- Set criteria for route map entry properties: as_path_prepend: description: | AS path prepend to influence route selection. title: |- AS path prepend to influence route selection type: string community: description: | Set BGP regular or large community for matching routes. A maximum of one value for each community type separated by space. Well-known community name, community value in aa:nn (2byte:2byte) format for regular community and community value in aa:bb:nn (4byte:4byte:4byte) format for large community are supported. title: |- Set BGP community type: string local_preference: default: 100 description: | Local preference indicates the degree of preference for one BGP route over other BGP routes. The path with highest local preference is preferred. format: int64 maximum: 4294967295 title: |- Local preference to set for matching BGP routes type: integer med: description: | Multi exit descriminator (MED) is a hint to BGP neighbors about the preferred path into an autonomous system (AS) that has multiple entry points. A lower MED value is preferred over a higher value. format: int32 maximum: 4294967295 minimum: 0 title: |- Multi exit descriminator type: integer prefer_global_v6_next_hop: description: | For incoming and import route_maps on receiving both v6 global and v6 link-local address for the route, prefer to use the global address as the next hop. By default, it prefers the link-local next hop. title: |- Prefer global v6 next hop over local next hop type: boolean weight: description: | Weight is used to select a route when multiple routes are available to the same network. Route with the highest weight is preferred. format: int32 maximum: 65535 minimum: 0 title: |- Weight used to select certain path type: integer title: |- Set criteria for route map entry type: object x-vmw-nsx-module: PolicyConnectivity RouterNexthop: description: |- Next hop configuration for network properties: admin_distance: default: 1 description: |- Cost associated with next hop route format: int32 maximum: 255 minimum: 1 title: |- Cost associated with next hop route type: integer ip_address: description: |- Next hop gateway IP address format: ip type: string scope: description: | Interface path associated with current route. For example: specify a policy path referencing the IPSec VPN Session. items: type: string minItems: 1 title: |- Interface path associated with current route type: array title: |- Next hop configuration for network type: object x-vmw-nsx-module: PolicyConnectivity RoutesPerTransportNode: description: |- BGP routes per transport node. properties: routes: description: | Array of BGP neighbor route details for this transport node. items: $ref: '#/definitions/RouteDetails' readOnly: true title: |- BGP neighbor route details type: array source_address: description: |- BGP neighbor source address. format: ip readOnly: true type: string transport_node_id: description: |- Transport node id readOnly: true title: |- Transport node id type: string title: |- Routes per transport node type: object x-vmw-nsx-module: AggSvcLogicalRouter RoutingEntry: description: | Routing table entry. properties: admin_distance: description: | Admin distance. format: int32 readOnly: true title: |- Admin distance type: integer interface: description: |- The policy path of the interface which is used as the next hop title: |- The policy path of the interface which is used as the next hop type: string lr_component_id: description: |- Logical router component(Service Router/Distributed Router) id title: |- Logical router component(Service Router/Distributed Router) id type: string lr_component_type: description: |- Logical router component(Service Router/Distributed Router) type title: |- Logical router component(Service Router/Distributed Router) type type: string network: description: | Network CIDR. readOnly: true title: |- Network CIDR type: string next_hop: description: | Next hop address. format: ip readOnly: true type: string route_type: description: | Route type in routing table. t0c - Tier-0 Connected t0s - Tier-0 Static b - BGP t0n - Tier-0 NAT t1s - Tier-1 Static t1c - Tier-1 Connected t1n: Tier-1 NAT t1l: Tier-1 LB VIP t1ls: Tier-1 LB SNAT t1d: Tier-1 DNS FORWARDER t1ipsec: Tier-1 IPSec isr: Inter-SR readOnly: true title: |- Route type (USER, CONNECTED, NSX_INTERNAL,..) type: string title: |- Routing table entry type: object x-vmw-nsx-module: PolicyConnectivityStatistics RoutingTable: description: | Routing table. properties: count: description: |- Entry count. format: int32 readOnly: true title: |- Entry count type: integer edge_node: description: | Transport node ID. readOnly: true title: |- Transport node ID type: string error_message: description: | Routing table fetch error message, populated only if status if failure. readOnly: true title: |- Routing table fetch error. type: string route_entries: description: |- Route entries. items: $ref: '#/definitions/RoutingEntry' title: |- Route entries type: array status: description: | Routing table fetch status from Transport node. enum: - SUCCESS - FAILURE - NOT_FOUND readOnly: true title: |- Routing table fetch status. type: string required: - route_entries title: |- Routing table type: object x-vmw-nsx-module: PolicyConnectivityStatistics RoutingTableListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of Routes per transport node ID. items: $ref: '#/definitions/RoutingTable' title: |- Paged Collection of Routes per transport node ID type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics RowListField: description: |- Root of the api result set for forming rows. properties: alias: description: |- Short name or alias of row list field, if any. If unspecified, the row list field can be referenced by its index in the array of row list fields as $ (for example, $0). maxLength: 255 title: |- Alias Name type: string path: description: |- JSON path to the root of the api result set for forming rows. maxLength: 1024 title: |- JSON path type: string required: - path title: |- List of fields from which rows are formed type: object x-vmw-nsx-module: NsxDashboard RpAddressMulticastRanges: description: |- Static IPv4 multicast address and assciated multicast group ranges. properties: multicast_ranges: description: |- Assciated multicast group ranges configuration. items: description: |- IPv4 or IPv6 CIDR Block format: ip-cidr-block type: string title: |- Assciated multicast group ranges configuration type: array rp_address: description: |- Static IPv4 multicast address configuration. format: ip type: string required: - rp_address title: |- Static IPv4 multicast address and assciated multicast group ranges type: object x-vmw-nsx-module: PolicyMulticast Rule: allOf: - $ref: '#/definitions/BaseRule' - properties: action: description: | The action to be applied to all the services The JUMP_TO_APPLICATION action is only supported for rules created in the Environment category. Once a match is hit then the rule processing will jump to the rules present in the Application category, skipping all further rules in the Environment category. If no rules match in the Application category then the default application rule will be hit. This is applicable only for DFW. enum: - ALLOW - DROP - REJECT - JUMP_TO_APPLICATION title: |- Action type: string type: object x-vmw-nsx-module: Policy description: |- A rule indicates the action to be performed for various types of traffic flowing between workload groups. title: |- A rule specifies the security policy rule between the workload groups x-vmw-nsx-module: Policy RuleListResult: allOf: - $ref: '#/definitions/BaseRuleListResult' - properties: results: description: |- Rule list results items: $ref: '#/definitions/Rule' title: |- Rule list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- Paged Collection of Rules title: |- Paged Collection of Rules x-vmw-nsx-module: Policy RuleStatistics: allOf: - $ref: '#/definitions/Resource' - properties: byte_count: description: | Aggregated number of bytes processed by the rule. format: int64 readOnly: true title: |- Bytes count type: integer hit_count: description: |- Aggregated number of hits received by the rule. format: int64 readOnly: true title: |- Hits count type: integer internal_rule_id: description: | Realized id of the rule on NSX MP. Policy Manager can create more than one rule per policy rule, in which case this identifier helps to distinguish between the multple rules created. readOnly: true title: |- NSX internal rule id type: string l7_accept_count: description: |- Aggregated number of L7 Profile Accepted counters received by the rule. format: int64 readOnly: true title: |- L7 Accept count type: integer l7_reject_count: description: |- Aggregated number of L7 Profile Rejected counters received by the rule. format: int64 readOnly: true title: |- L7 Reject count type: integer l7_reject_with_response_count: description: |- Aggregated number of L7 Profile Rejected with Response counters received by the rule. format: int64 readOnly: true title: |- L7 Reject with response count type: integer lr_path: description: |- Path of the LR on which the section is applied in case of Edge FW. readOnly: true title: |- Logical Router (Tier-0/Tier1) path type: string max_popularity_index: description: | Maximum value of popularity index of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API. format: int64 readOnly: true title: |- The maximum popularity index type: integer max_session_count: description: | Maximum value of sessions count of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API. format: int64 readOnly: true title: |- Maximum Sessions count type: integer packet_count: description: | Aggregated number of packets processed by the rule. format: int64 readOnly: true title: |- Packets count type: integer popularity_index: description: |- This is calculated by sessions count divided by age of the rule. format: int64 readOnly: true title: |- The index of the popularity of rule type: integer rule: description: |- Path of the rule. readOnly: true title: |- Rule path type: string session_count: description: | Aggregated number of sessions processed by the rule. format: int64 readOnly: true title: |- sessions count type: integer total_session_count: description: | Aggregated number of sessions processed by all the rules This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API. format: int64 readOnly: true title: |- Total Sessions count type: integer type: object x-vmw-nsx-module: Policy x-vmw-nsx-module: Policy RuleStatisticsForEnforcementPoint: description: |- Rule statistics for a specfic enforcement point. properties: container_cluster_path: description: |- Rule statistics for a single container cluster readOnly: true title: |- Cluster container path type: string enforcement_point: description: |- Rule statistics for a single enforcement point readOnly: true title: |- Enforcement point path type: string statistics: $ref: '#/definitions/RuleStatistics' title: |- Rule statistics for an enforcement point type: object x-vmw-nsx-module: Policy RuleStatisticsListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- RuleStatistics list results items: $ref: '#/definitions/RuleStatisticsForEnforcementPoint' title: |- RuleStatistics list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- Paged Collection of rule statistics title: |- Paged Collection of rule statistics x-vmw-nsx-module: Policy RuntimeInterfaceStatistics: allOf: - $ref: '#/definitions/SIAggregatedDataCounterEx' - properties: interface_index: description: |- Index of the interface format: int64 readOnly: true title: |- Index of the interface type: integer last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer type: object x-vmw-nsx-module: ServiceInsertionVMDeployment x-vmw-nsx-module: ServiceInsertionVMDeployment SIAggregatedDataCounter: properties: rx_bytes: $ref: '#/definitions/SIDataCounter' rx_packets: $ref: '#/definitions/SIDataCounter' tx_bytes: $ref: '#/definitions/SIDataCounter' tx_packets: $ref: '#/definitions/SIDataCounter' type: object x-vmw-nsx-module: ServiceInsertionVMDeployment SIAggregatedDataCounterEx: allOf: - $ref: '#/definitions/SIAggregatedDataCounter' - properties: dropped_by_security_packets: $ref: '#/definitions/SIPacketsDroppedBySecurity' mac_learning: $ref: '#/definitions/SIMacLearningCounters' type: object x-vmw-nsx-module: ServiceInsertionVMDeployment x-vmw-nsx-module: ServiceInsertionVMDeployment SIDataCounter: properties: dropped: description: |- The dropped packets or bytes format: int64 title: |- The dropped packets or bytes type: integer multicast_broadcast: description: |- The multicast and broadcast packets or bytes format: int64 title: |- The multicast and broadcast packets or bytes type: integer total: description: |- The total packets or bytes format: int64 title: |- The total packets or bytes type: integer required: - total type: object x-vmw-nsx-module: ServiceInsertionVMDeployment SIMacLearningCounters: properties: mac_not_learned_packets_allowed: description: |- The number of packets with unknown source MAC address that are dispatched without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_ALLOW. format: int64 title: |- Number of dispatched packets with unknown source MAC address. type: integer mac_not_learned_packets_dropped: description: |- The number of packets with unknown source MAC address that are dropped without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_DROP. format: int64 title: |- Number of dropped packets with unknown source MAC address. type: integer macs_learned: description: |- Number of MACs learned format: int64 title: |- Number of MACs learned type: integer type: object x-vmw-nsx-module: ServiceInsertionVMDeployment SIPacketTypeAndCounter: properties: counter: description: |- The number of packets. format: int64 title: |- The number of packets. type: integer packet_type: description: |- The type of the packets title: |- The type of the packets type: string required: - counter - packet_type type: object x-vmw-nsx-module: ServiceInsertionVMDeployment SIPacketsDroppedBySecurity: properties: bpdu_filter_dropped: description: |- The number of packets dropped by "BPDU filter". format: int64 title: |- The number of packets dropped by "BPDU filter". type: integer dhcp_client_dropped_ipv4: description: |- The number of IPv4 packets dropped by "DHCP client block". format: int64 title: |- The number of IPv4 packets dropped by "DHCP client block". type: integer dhcp_client_dropped_ipv6: description: |- The number of IPv6 packets dropped by "DHCP client block". format: int64 title: |- The number of IPv6 packets dropped by "DHCP client block". type: integer dhcp_server_dropped_ipv4: description: |- The number of IPv4 packets dropped by "DHCP server block". format: int64 title: |- The number of IPv4 packets dropped by "DHCP server block". type: integer dhcp_server_dropped_ipv6: description: |- The number of IPv6 packets dropped by "DHCP server block". format: int64 title: |- The number of IPv6 packets dropped by "DHCP server block". type: integer spoof_guard_dropped: description: |- The packets dropped by "Spoof Guard"; supported packet types are IPv4, IPv6, ARP, ND, non-IP. items: $ref: '#/definitions/SIPacketTypeAndCounter' title: |- The packets dropped by "Spoof Guard"; supported packet types are IPv4, IPv6, ARP, ND, non-IP. type: array type: object x-vmw-nsx-module: ServiceInsertionVMDeployment SVMDeploymentSpec: description: |- Deployment Specs holds information required to deploy the Service-VMs.i.e. OVF url where the partner Service-VM OVF is hosted. The host type on which the OVF(Open Virtualization Format) can be deployed, Form factor to name a few. properties: host_type: description: |- Host Type on which the specified OVF can be deployed. enum: - ESXI - RHELKVM - UBUNTUKVM readOnly: false title: |- HostType type: string min_host_version: default: '6.5' description: |- Minimum host version supported by this ovf. If a host in the deployment cluster is having version less than this, then service deployment will not happen on that host. readOnly: false title: |- Minimum Host Version type: string name: description: |- Deployment Spec name for ease of use, since multiple DeploymentSpec can be specified. readOnly: false title: |- name type: string ovf_url: description: |- Location of the partner VM OVF to be deployed. readOnly: false title: |- OVF url type: string service_form_factor: default: MEDIUM description: |- Supported ServiceInsertion Form Factor for the OVF deployment. The default FormFactor is Medium. enum: - SMALL - MEDIUM - LARGE readOnly: false title: |- Service Form Factor type: string svm_version: default: '1.0' description: |- Partner needs to specify the Service VM version which will get deployed. title: |- Partner Service-VM version. type: string required: - ovf_url - host_type title: |- Service-VM Deployment Spec type: object x-vmw-nsx-module: ServiceInsertionCommonTypes SamplingArgument: discriminator: sampling_type properties: sampling_type: description: |- Sampling type enum: - FirstNSampling - PacketNumberSampling - IntervalSampling title: |- Sampling type type: string required: - sampling_type type: object x-vmw-nsx-module: LiveTrace SearchResponse: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of records matching the search query. items: type: object readOnly: true title: |- Search results type: array type: object x-vmw-nsx-module: Search description: |- Search response title: |- SearchResponse x-vmw-nsx-module: Search SecurityFeature: allOf: - $ref: '#/definitions/SecurityFeatureBase' - properties: feature: description: | Feature to be enabled/disabled. IDPS - Intrusion Detection System TLS - Transport Layer Security Inspection MALWAREPREVENTION - Malware Prevention Use any one of this to enable/disabe it. enum: - MALWAREPREVENTION - IDFW - IDPS - TLS type: string required: - feature type: object x-vmw-nsx-module: PolicyGatewaySecurityFeature description: |- T1 Security feature entity with feature details title: |- T1 Security feature entity with feature details x-vmw-nsx-module: PolicyGatewaySecurityFeature SecurityFeatureBase: description: |- Security Feature feature entity properties: enable: default: false description: |- true - enable the feature, false - disable the feture title: |- Flag to enable/disable type: boolean required: - enable title: |- Security Feature feature entity type: object x-vmw-nsx-module: PolicyGatewaySecurityFeature SecurityFeatures: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: features: items: $ref: '#/definitions/SecurityFeature' type: array required: - features type: object x-vmw-nsx-module: PolicyGatewaySecurityFeature description: |- T1 Security features entity with feature details title: |- T1 Security features entity with feature details x-vmw-nsx-module: PolicyGatewaySecurityFeature SecurityPolicy: allOf: - $ref: '#/definitions/Policy' - properties: application_connectivity_strategy: description: | This field indicates the application connectivity policy for the security policy. items: $ref: '#/definitions/ApplicationConnectivityStrategy' maxItems: 3 title: |- List of Application Connectivity strategy for this SecurityPolicy type: array connectivity_preference: description: | This field indicates the default connectivity policy for the security policy. Based on the connectivitiy preference, a default rule for this security policy will be created. An appropriate action will be set on the rule based on the value of the connectivity preference. If NONE is selected or no connectivity preference is specified, then no default rule for the security policy gets created. The default rule that gets created will be a any-any rule and applied to entities specified in the scope of the security policy. Specifying the connectivity_preference without specifying the scope is not allowed. The scope has to be a Group and one cannot specify IPAddress directly in the group that is used as scope. This default rule is only applicable for the Layer3 security policies. ALLOWLIST - Adds a default drop rule. Administrator can then use "allow" rules to allow traffic between groups DENYLIST - Adds a default allow rule. Admin can then use "drop" rules to block traffic between groups ALLOWLIST_ENABLE_LOGGING - Allowlisting with logging enabled DENYLIST_ENABLE_LOGGING - Denylisting with logging enabled NONE - No default rule is created. enum: - ALLOWLIST - DENYLIST - ALLOWLIST_ENABLE_LOGGING - DENYLIST_ENABLE_LOGGING - NONE title: |- Connectivity preference applicable for this SecurityPolicy type: string connectivity_strategy: description: | This field indicates the default connectivity policy for the security policy. Based on the connectivity strategy, a default rule for this security policy will be created. An appropriate action will be set on the rule based on the value of the connectivity strategy. If NONE is selected or no connectivity strategy is specified, then no default rule for the security policy gets created. The default rule that gets created will be a any-any rule and applied to entities specified in the scope of the security policy. Specifying the connectivity_strategy without specifying the scope is not allowed. The scope has to be a Group and one cannot specify IPAddress directly in the group that is used as scope. This default rule is only applicable for the Layer3 security policies. This property is deprecated. Use the type connectivity_preference instead. WHITELIST - Adds a default drop rule. Administrator can then use "allow" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use "drop" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rule is created. enum: - WHITELIST - BLACKLIST - WHITELIST_ENABLE_LOGGING - BLACKLIST_ENABLE_LOGGING - NONE title: |- Connectivity strategy applicable for this SecurityPolicy type: string x-deprecated: true default_rule_id: description: | Based on the value of the connectivity strategy, a default rule is created for the security policy. The rule id is internally assigned by the system for this default rule. format: int64 readOnly: true title: |- Default rule ID associated with the connectivity_preference type: integer logging_enabled: default: false description: | This property is deprecated. Flag to enable logging for all the rules in the security policy. If the value is true then logging will be enabled for all the rules in the security policy. If the value is false, then the rule level logging value will be honored. readOnly: false title: |- Enable logging flag type: boolean x-deprecated: true rules: description: |- Rules that are a part of this SecurityPolicy items: $ref: '#/definitions/Rule' title: |- Rules that are a part of this SecurityPolicy type: array type: object x-vmw-nsx-module: Policy description: | Ordered list of Rules. title: |- Contains ordered list of Rules x-vmw-nsx-module: Policy SecurityPolicyContainerCluster: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: container_cluster_path: description: |- Path to the container cluster entity in NSX title: |- Path to the container cluster entity in NSX type: string container_cluster_type: default: ANTREA description: |- Type of the container cluster where the security policy will be realized enum: - ANTREA title: |- Type of the controller where the SecurityPolicy will be realized type: string required: - container_cluster_path type: object x-vmw-nsx-module: Policy description: |- Indicates the container cluster where the security policy will be realized. title: |- Indicates the container cluster where the security policy will be realized. x-vmw-nsx-module: Policy SecurityPolicyContainerClusterListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of container clusters for a security policy items: $ref: '#/definitions/SecurityPolicyContainerCluster' title: |- List of container clusters for a security policy type: array type: object x-vmw-nsx-module: Policy description: |- Paged Collection of Security Policy Container Clusters title: |- Paged Collection of Security Policy Container Clusters x-vmw-nsx-module: Policy SecurityPolicyListResult: allOf: - $ref: '#/definitions/PolicyListResult' - properties: results: description: |- SecurityPolicy list results items: $ref: '#/definitions/SecurityPolicy' title: |- SecurityPolicy list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- Paged Collection of security policies title: |- Paged Collection of security policies x-vmw-nsx-module: Policy SecurityPolicyStatistics: description: | Aggregate statistics of all the rules in a security policy. properties: internal_section_id: description: | Realized id of the section on NSX MP. Policy Manager can create more than one section per SecurityPolicy, in which case this identifier helps to distinguish between the multiple sections created. readOnly: true title: |- NSX internal section id type: string lr_path: description: | Path of the LR on which the section is applied in case of Gateway Firewall. readOnly: true title: |- Logical Router (Tier-0/Tier1) path type: string result_count: description: |- Total count for rule statistics format: int64 readOnly: true title: |- Rule stats count type: integer results: description: |- List of rule statistics. items: $ref: '#/definitions/RuleStatistics' maxItems: 1000 readOnly: true title: |- Statistics for all rules type: array title: |- Security policy statistics type: object x-vmw-nsx-module: Policy SecurityPolicyStatisticsForEnforcementPoint: description: | Aggregate statistics of all the rules in a security policy for a specific enforcement point. properties: container_cluster_path: description: |- Security Policy statistics for a single container cluster readOnly: true title: |- Cluster container path type: string enforcement_point: description: |- Enforcement point to fetch the statistics from. readOnly: true title: |- Enforcement point path type: string statistics: $ref: '#/definitions/SecurityPolicyStatistics' title: |- Security policy statistics for an enforcement point type: object x-vmw-nsx-module: Policy SecurityPolicyStatisticsListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Security Policy statistics list results items: $ref: '#/definitions/SecurityPolicyStatisticsForEnforcementPoint' title: |- Security Policy statistics list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- Paged Collection of Security Policy statistics title: |- Paged Collection of Security Policy statistics x-vmw-nsx-module: Policy SecurityProfileBindingMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - type: object x-vmw-nsx-module: PolicySecurityProfileBinding description: |- Base security profile binding map title: |- Base security profile binding map x-vmw-nsx-module: PolicySecurityProfileBinding Segment: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: address_bindings: description: |- Static address binding used for the Segment. This field is deprecated and will be removed in a future release. Please use address_bindings in SegmentPort to configure static bindings. items: $ref: '#/definitions/PortAddressBindingEntry' maxItems: 512 title: |- Address bindings for the Segment type: array x-deprecated: true admin_state: default: UP description: |- Admin state represents desired state of segment. It does not reflect the state of other logical entities connected/attached to the segment. enum: - UP - DOWN title: |- Represents Desired state of the Segment type: string advanced_config: $ref: '#/definitions/SegmentAdvancedConfig' bridge_profiles: description: |- Multiple distinct L2 bridge profiles can be configured. items: $ref: '#/definitions/BridgeProfileConfig' title: |- Bridge Profile Configuration type: array connectivity_path: description: | Policy path to the connecting Tier-0 or Tier-1. Valid only for segments created under Infra. This field can only be used for overlay segments. VLAN backed segments cannot have connectivity path set. title: |- Policy path to the connecting Tier-0 or Tier-1 type: string dhcp_config_path: description: | Policy path to DHCP server or relay configuration to use for all IPv4 & IPv6 subnets configured on this segment. title: |- Policy path to DHCP configuration type: string domain_name: description: |- DNS domain name title: |- DNS domain name type: string evpn_segment: description: |- Flag to indicate if the Segment is a Child-Segment of type EVPN. readOnly: true title: |- Evpn Segment Flag. type: boolean evpn_tenant_config_path: description: | Policy path to the EvpnTenantConfig resource. Supported only for Route-Server Evpn Mode. Supported only for Overlay Segments. This will be populated for both Parent and Child segments participating in Evpn Route-Server Mode. title: |- Policy path to the EvpnTenantConfig type: string extra_configs: description: | This property could be used for vendor specific configuration in key value string pairs, the setting in extra_configs will be automatically inheritted by segment ports in the Segment. items: $ref: '#/definitions/SegmentExtraConfig' title: |- Extra configs on Segment type: array federation_config: $ref: '#/definitions/FederationConnectivityConfig' l2_extension: $ref: '#/definitions/L2Extension' ls_id: description: | This property is deprecated. The property will continue to work as expected for existing segments. The segments that are newly created with ls_id will be ignored. Sepcify pre-creted logical switch id for Segment. title: |- Pre-created logical switch id for Segment type: string x-deprecated: true mac_pool_id: description: |- Mac pool id that associated with a Segment. title: |- Allocation mac pool associated with the Segment type: string metadata_proxy_paths: description: |- Policy path to metadata proxy configuration. Multiple distinct MD proxies can be configured. items: type: string title: |- Metadata Proxy Configuration Paths type: array overlay_id: description: | Used for overlay connectivity of segments. The overlay_id should be allocated from the pool as definied by enforcement-point. If not provided, it is auto-allocated from the default pool on the enforcement-point. format: int32 maximum: 2147483647 minimum: 0 title: |- Overlay connectivity ID for this Segment type: integer replication_mode: default: MTEP description: | If this field is not set for overlay segment, then the default of MTEP will be used. enum: - MTEP - SOURCE title: |- Replication mode of the Segment type: string subnets: description: |- Subnet configuration. Max 1 subnet items: $ref: '#/definitions/SegmentSubnet' title: |- Subnet configuration. Max 1 subnet type: array transport_zone_path: description: | Policy path to the transport zone. Supported for VLAN backed segments as well as Overlay Segments. - This field is required for VLAN backed Segments. - For overlay Segments, it is auto assigned if only one transport zone exists in the enforcement point. Default transport zone is auto assigned for overlay segments if none specified. title: |- Policy path to the transport zone type: string type: description: | Segment type based on configuration. enum: - ROUTED - EXTENDED - ROUTED_AND_EXTENDED - DISCONNECTED readOnly: true title: |- Segment type type: string vlan_ids: description: | VLAN ids for a VLAN backed Segment. Can be a VLAN id or a range of VLAN ids specified with '-' in between. items: type: string title: |- VLAN ids for VLAN backed Segment type: array type: object x-vmw-nsx-module: PolicyConnectivity description: | Segment configuration to attach workloads. title: |- Segment configuration x-vmw-nsx-module: PolicyConnectivity SegmentAdvancedConfig: allOf: - $ref: '#/definitions/ConnectivityAdvancedConfig' - properties: address_pool_paths: description: | Policy path to IP address pools. items: type: string maxItems: 1 title: |- Policy path to IP address pools type: array hybrid: default: false description: | When set to true, all the ports created on this segment will behave in a hybrid fashion. The hybrid port indicates to NSX that the VM intends to operate in underlay mode, but retains the ability to forward egress traffic to the NSX overlay network. This property is only applicable for segment created with transport zone type OVERLAY_STANDARD. This property cannot be modified after segment is created. title: |- Flag to identify a hybrid logical switch type: boolean inter_router: default: false description: | When set to true, any port attached to this logical switch will not be visible through VC/ESX UI title: |- Flag to indicate if the logical switch will provide inter-router connectivity type: boolean local_egress: default: false description: | This property is used to enable proximity routing with local egress. When set to true, logical router interface (downlink) connecting Segment to Tier0/Tier1 gateway is configured with prefix-length 32. title: |- Flag to enable local egress type: boolean local_egress_routing_policies: description: | An ordered list of routing policies to forward traffic to the next hop. items: $ref: '#/definitions/LocalEgressRoutingEntry' minItems: 1 title: |- Local egress routing policies type: array multicast: description: | Enable multicast on the downlink LRP created to connect the segment to Tier0/Tier1 gateway. title: |- Enable multicast on the downlink type: boolean ndra_profile_path: description: | This profile is applie dto the downlink logical router port created while attaching this semgnet to tier-0 or tier-1. If this field is empty, NDRA profile of the router is applied to the newly created port. title: |- Policy path of Neighbor Discovery Router Advertisement profile type: string node_local_switch: description: | A behaviour required for Firewall As A Service (FaaS) where the segment BUM traffic is confined within the edge node that this segment belongs to. title: |- Prevent BUM (broadcast, unknown-unicast and multicast) traffic from reaching the other spanned edges type: boolean origin_id: description: |- ID populated by NSX when NSX on DVPG is used to indicate the source DVPG. Currently, only DVPortgroups are identified as Discovered Segments. The origin_id is the identifier of DVPortgroup from the source vCenter server. title: |- ID of the discovered Segment representing a network managed by non-NSX entity. type: string origin_type: description: |- The type of source from where the DVPortgroup is discovered enum: - VCENTER title: |- The DVPortgroup origin type type: string uplink_teaming_policy_name: description: |- The name of the switching uplink teaming policy for the Segment. This name corresponds to one of the switching uplink teaming policy names listed in TransportZone associated with the Segment. See transport_zone_path property above for more details. When this property is not specified, the segment will not have a teaming policy associated with it and the host switch's default teaming policy will be used by MP. title: |- Uplink Teaming Policy Name type: string urpf_mode: default: STRICT description: | This URPF mode is applied to the downlink logical router port created while attaching this segment to tier-0 or tier-1. enum: - NONE - STRICT title: |- Unicast Reverse Path Forwarding mode type: string type: object x-vmw-nsx-module: PolicyConnectivity description: |- Advanced configuration for Segment title: |- Advanced configuration for Segment x-vmw-nsx-module: PolicyConnectivity SegmentConfigurationState: allOf: - $ref: '#/definitions/ConfigurationState' - properties: segment_path: description: |- Segment path readOnly: true title: |- Segment path type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: |- Segment state on specific Enforcement Point. title: |- Segment state on specific Enforcement Point x-vmw-nsx-module: PolicyConnectivityStatistics SegmentConfigurationStateListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Paged Collection of Segment State on specific Enforcement Point items: $ref: '#/definitions/SegmentConfigurationState' title: |- Paged Collection of Segment State on specific Enforcement Point type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics SegmentCrossSiteTrafficStats: properties: last_update_timestamp: description: | Timestamp when the l2 forwarder statistics was last updated. format: int64 readOnly: true type: integer rx_stats: $ref: '#/definitions/InterSitePortCounters' segment_path: description: | Policy path of Segment to attach interface. readOnly: true title: |- Policy path of Segment to attach interface type: string tx_stats: $ref: '#/definitions/InterSitePortCounters' type: object x-vmw-nsx-module: PolicyConnectivityStatistics SegmentDhcpConfig: description: | DHCP IPv4 and IPv6 configurations are extended from this abstract class. discriminator: resource_type properties: dns_servers: description: | IP address of DNS servers for subnet. DNS server IP address must belong to the same address family as segment gateway_address property. items: description: |- IPv4 or IPv6 address format: ip type: string maxItems: 2 title: |- DNS servers for subnet type: array lease_time: default: 86400 description: | DHCP lease time in seconds. When specified, this property overwrites lease time configured DHCP server config. format: int64 maximum: 4294967295 minimum: 60 title: |- DHCP lease time for subnet type: integer resource_type: enum: - SegmentDhcpV4Config - SegmentDhcpV6Config type: string server_address: description: | IP address of the DHCP server in CIDR format. The server_address is mandatory in case this segment has provided a dhcp_config_path and it represents a DHCP server config. If this SegmentDhcpConfig is a SegmentDhcpV4Config, the address must be an IPv4 address. If this is a SegmentDhcpV6Config, the address must be an IPv6 address. This address must not overlap the ip-ranges of the subnet, or the gateway address of the subnet, or the DHCP static-binding addresses of this segment. format: ip-cidr-block type: string required: - resource_type title: |- DHCP configuration for segment subnet type: object x-vmw-nsx-module: PolicyConnectivity SegmentDhcpV4Config: allOf: - $ref: '#/definitions/SegmentDhcpConfig' - properties: options: $ref: '#/definitions/DhcpV4Options' type: object x-vmw-nsx-module: PolicyConnectivity description: |- DHCP configuration of IPv4 subnet in a segment title: |- DHCP configuration of IPv4 subnet in a segment x-vmw-nsx-module: PolicyConnectivity SegmentDhcpV6Config: allOf: - $ref: '#/definitions/SegmentDhcpConfig' - properties: domain_names: description: | Domain names for subnet. items: type: string title: |- Domain names for subnet type: array excluded_ranges: description: |- Excluded addresses to define dynamic ip allocation ranges. items: description: | IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64" format: address-or-block-or-range type: string maxItems: 128 minItems: 0 title: |- Excluded range of IPv6 addresses type: array preferred_time: description: | The length of time that a valid address is preferred. When the preferred lifetime expires, the address becomes deprecated. format: int64 maximum: 4294967295 minimum: 60 title: |- Preferred time type: integer sntp_servers: description: | IPv6 address of SNTP servers for subnet. items: description: |- IPv6 address format: ipv6 type: string maxItems: 2 title: |- SNTP servers for subnet type: array type: object x-vmw-nsx-module: PolicyConnectivity description: |- DHCP configuration of IPv6 subnet in a segment title: |- DHCP configuration of IPv6 subnet in a segment x-vmw-nsx-module: PolicyConnectivity SegmentDiscoveryProfileBindingMap: allOf: - $ref: '#/definitions/DiscoveryProfileBindingMap' - properties: ip_discovery_profile_path: description: |- PolicyPath of associated IP Discovery Profile title: |- IP Discovery Profile Path type: string mac_discovery_profile_path: description: |- PolicyPath of associated Mac Discovery Profile title: |- Mac Discovery Profile Path type: string type: object x-vmw-nsx-module: PolicyDiscoveryProfileBinding description: | This entity will be used to establish association between discovery profile and Segment. Using this entity, user can specify intent for applying discovery profile to particular segments. title: |- Segment Discovery Profile binding map x-vmw-nsx-module: PolicyDiscoveryProfileBinding SegmentDiscoveryProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Segment Discovery Profile Binding Map list results items: $ref: '#/definitions/SegmentDiscoveryProfileBindingMap' title: |- Segment Discovery Profile Binding Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyDiscoveryProfileBinding description: |- Paged collection of Segment Discovery Profile Binding Maps title: |- Paged collection of Segment Discovery Profile Binding Maps x-vmw-nsx-module: PolicyDiscoveryProfileBinding SegmentExtraConfig: description: | Segment extra config is intended for supporting vendor specific configuration on the data path, it can be set as key value string pairs on either segment or segment port. properties: config_pair: $ref: '#/definitions/UnboundedKeyValuePair' required: - config_pair title: |- Vendor specific configuration on segment or Segment port type: object x-vmw-nsx-module: PolicyConnectivity SegmentL2ForwarderSiteSpanInfo: properties: inter_site_forwarder_status: description: |- Inter-site forwarder status per node. items: $ref: '#/definitions/L2ForwarderStatusPerNode' readOnly: true title: |- Inter-site forwarder status per node type: array last_update_timestamp: description: | Timestamp when the L2 forwarder remote mac addresses was last updated. format: int64 readOnly: true type: integer remote_macs_per_site: description: | L2 forwarder remote mac addresses per site for logical switch. items: $ref: '#/definitions/L2ForwarderRemoteMacsPerSite' readOnly: true title: |- L2 forwarder remote mac addresses per site type: array segment_path: description: | Policy path of a segment. readOnly: true title: |- Segment path type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics SegmentListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Segment list results items: $ref: '#/definitions/Segment' title: |- Segment list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of Segments title: |- Paged collection of Segments x-vmw-nsx-module: PolicyConnectivity SegmentMacAddressListResult: allOf: - $ref: '#/definitions/ListResult' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/MacTableEntry' type: array transport_node_id: description: |- Transport node identifier readOnly: true title: |- Transport node identifier type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics SegmentMonitoringProfileBindingMap: allOf: - $ref: '#/definitions/MonitoringProfileBindingMap' - properties: ipfix_l2_profile_path: description: |- PolicyPath of associated IPFIX L2 Profile title: |- IPFIX L2 Profile Path type: string port_mirroring_profile_path: description: |- PolicyPath of associated Port Mirroring Profile title: |- Port Mirroring Profile Path type: string type: object x-vmw-nsx-module: PolicyMonitoringProfileBinding description: | This entity will be used to establish association between monitoring profile and Segment. Using this entity, you can specify intent for applying monitoring profile to particular segment. title: |- Segment Monitoring Profile binding map x-vmw-nsx-module: PolicyMonitoringProfileBinding SegmentMonitoringProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Segment Monitoring Profile Binding Map list results items: $ref: '#/definitions/SegmentMonitoringProfileBindingMap' title: |- Segment Monitoring Profile Binding Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyMonitoringProfileBinding description: |- Paged collection of Segment Monitoring Profile Binding Maps title: |- Paged collection of Segment Monitoring Profile Binding Maps x-vmw-nsx-module: PolicyMonitoringProfileBinding SegmentPort: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: address_bindings: description: |- Static address binding used for the port. items: $ref: '#/definitions/PortAddressBindingEntry' maxItems: 512 title: |- Address bindings for the port type: array admin_state: default: UP description: |- Represents desired state of the segment port enum: - UP - DOWN title: |- Represents desired state of the segment port type: string attachment: $ref: '#/definitions/PortAttachment' extra_configs: description: | This property could be used for vendor specific configuration in key value string pairs. Segment port setting will override segment setting if the same key was set on both segment and segment port. items: $ref: '#/definitions/SegmentExtraConfig' title: |- Extra configs on segment port type: array ignored_address_bindings: description: | IP Discovery module uses various mechanisms to discover address bindings being used on each segment port. If a user would like to ignore any specific discovered address bindings or prevent the discovery of a particular set of discovered bindings, then those address bindings can be provided here. Currently IP range in CIDR format is not supported. items: $ref: '#/definitions/PortAddressBindingEntry' maxItems: 16 minItems: 0 title: |- Address bindings to be ignored by IP Discovery module type: array init_state: description: | Set initial state when a new logical port is created. 'UNBLOCKED_VLAN' means new port will be unblocked on traffic in creation, also VLAN will be set with corresponding logical switch setting. This port setting can only be configured at port creation, and cannot be modified. 'RESTORE_VIF' fetches and restores VIF attachment from ESX host. enum: - UNBLOCKED_VLAN - RESTORE_VIF title: |- Initial state of this logical ports type: string origin_id: description: | ID populated by NSX when NSX on DVPG is used to indicate the source Distributed Virtual Port and the corresponding Distributed Virtual Switch. This ID is populated only for ports attached to discovered segments. readOnly: true title: |- ID of the distributed virtual port and the distributed virtual switch in the source vCenter type: string source_site_id: description: | This field will refer to the source site on which the segment port is discovered. This field is populated by GM, when it receives corresponding notification from LM. readOnly: true title: |- source site(LM) id. type: string type: object x-vmw-nsx-module: PolicyConnectivity description: |- Policy port will create LogicalPort on LogicalSwitch corresponding to the Segment. Address bindings cannot be removed after realization. title: |- Policy port object for segment x-vmw-nsx-module: PolicyConnectivity SegmentPortAttachmentState: description: |- VIF attachment state of a segment port properties: attachers: description: |- VM or vmknic entities that are attached to the Segment Port items: $ref: '#/definitions/PortAttacher' readOnly: true title: |- VM or vmknic entities that are attached to the Segment Port type: array id: description: |- VIF ID readOnly: true title: |- VIF ID type: string state: description: | A segment port must be in one of following states. FREE - If there are no active attachers. The port may or may not have an attachment ID configured on it. This state is applicable only to port of static type. ATTACHED - Segment port has exactly one active attacher and no further configuration is pending. ATTACHED_PENDING_CONF - Segment port has exactly one attacher, however it may not have been configured completely. Additional configuration will be provided by other nsx components. ATTACHED_IN_MOTION - Segment port has multiple active attachers. This state represents a scenario where VM is moving from one location (host or storage) to another (e.g. vmotion, vSphere HA) DETACHED - A temporary state after all port attachers have been detached. This state is applicable only to a port of ephemeral type and the port will soon be deleted. enum: - FREE - ATTACHED - ATTACHED_PENDING_CONF - ATTACHED_IN_MOTION - DETACHED readOnly: true title: |- State of the VIF attached to Segment Port type: string title: |- VIF attachment state of a segment port type: object x-vmw-nsx-module: PolicyConnectivityStatistics SegmentPortListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Place holder for the list result items: $ref: '#/definitions/SegmentPort' title: |- SegmentPort list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- List SegmentPort objects title: |- Paged collection of SegmentPort x-vmw-nsx-module: PolicyConnectivity SegmentPortMacAddressCsvListResult: allOf: - $ref: '#/definitions/CsvListResult' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/SegmentPortMacTableCsvEntry' type: array type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics SegmentPortMacAddressListResult: allOf: - $ref: '#/definitions/ListResult' - properties: last_update_timestamp: description: |- Timestamp when the data was last updated; unset if data source has never updated the data. format: int64 readOnly: true type: integer results: items: $ref: '#/definitions/SegmentPortMacTableEntry' type: array transport_node_id: description: |- Transport node identifier readOnly: true title: |- Transport node identifier type: string type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics SegmentPortMacTableCsvEntry: allOf: - $ref: '#/definitions/CsvRecord' - properties: mac_address: description: |- The MAC address title: |- The MAC address type: string mac_type: description: |- The type of the MAC address enum: - STATIC - LEARNED type: string required: - mac_type - mac_address type: object x-vmw-nsx-module: PolicyConnectivityStatistics x-vmw-nsx-module: PolicyConnectivityStatistics SegmentPortMacTableEntry: properties: mac_address: description: |- The MAC address title: |- The MAC address type: string mac_type: description: |- The type of the MAC address enum: - STATIC - LEARNED type: string required: - mac_type - mac_address type: object x-vmw-nsx-module: PolicyConnectivityStatistics SegmentPortState: description: | Contains realized state of the segment port. For example: transport node on which the port is located, discovered and realized address bindings of the port. properties: attachment: $ref: '#/definitions/SegmentPortAttachmentState' discovered_bindings: description: | Contains the list of address bindings for a segment port that were automatically dicovered using various snooping methods like ARP, DHCP etc. items: $ref: '#/definitions/AddressBindingEntry' title: |- Segment port bindings discovered automatically type: array duplicate_bindings: description: | If any address binding discovered on the port is also found on other port on the same segment, then it is included in the duplicate bindings list along with the ID of the port with which it conflicts. items: $ref: '#/definitions/DuplicateAddressBindingEntry' title: |- Duplicate segment port address bindings type: array realized_bindings: description: | List of segment port bindings that are realized. This list may be populated from the discovered bindings or manual user specified bindings. This binding configuration can be used by features such as firewall, spoof-guard, traceflow etc. items: $ref: '#/definitions/AddressBindingEntry' title: |- Realized segment port bindings type: array transport_node_ids: description: |- Identifiers of the transport nodes where the port is located items: type: string title: |- Identifiers of the transport nodes where the port is located type: array title: |- Realized state of the segment port on enforcement point type: object x-vmw-nsx-module: PolicyConnectivityStatistics SegmentPortStatistics: allOf: - $ref: '#/definitions/LogicalPortStatistics' - type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: |- Segment port statistics on specific Enforcement Point. title: |- Segment port statistics on specific Enforcement Point x-vmw-nsx-module: PolicyConnectivityStatistics SegmentPortStatus: allOf: - $ref: '#/definitions/LogicalPortOperationalStatus' - type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: |- Segment port status on specific Enforcement Point. title: |- Segment port status on specific Enforcement Point x-vmw-nsx-module: PolicyConnectivityStatistics SegmentQoSProfileBindingMap: allOf: - $ref: '#/definitions/QoSProfileBindingMap' - properties: qos_profile_path: description: |- PolicyPath of associated QoS Profile title: |- QoS Profile Path type: string type: object x-vmw-nsx-module: PolicyQoSProfileBinding description: | This entity will be used to establish association between qos profile and Segment. Using this entity, you can specify intent for applying qos profile to particular segment. title: |- Segment QoS Profile binding map x-vmw-nsx-module: PolicyQoSProfileBinding SegmentQoSProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Segment QoS Profile Binding Map list results items: $ref: '#/definitions/SegmentQoSProfileBindingMap' title: |- Segment QoS Profile Binding Map list results type: array required: - results type: object x-vmw-nsx-module: PolicyQoSProfileBinding description: |- Paged collection of Segment QoS Profile Binding Maps title: |- Paged collection of Segment QoS Profile Binding Maps x-vmw-nsx-module: PolicyQoSProfileBinding SegmentSecurityProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: bpdu_filter_allow: description: | Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering. List of allowed MACs - 01:80:c2:00:00:00, 01:80:c2:00:00:01, 01:80:c2:00:00:02, 01:80:c2:00:00:03, 01:80:c2:00:00:04, 01:80:c2:00:00:05, 01:80:c2:00:00:06, 01:80:c2:00:00:07, 01:80:c2:00:00:08, 01:80:c2:00:00:09, 01:80:c2:00:00:0a, 01:80:c2:00:00:0b, 01:80:c2:00:00:0c, 01:80:c2:00:00:0d, 01:80:c2:00:00:0e, 01:80:c2:00:00:0f, 00:e0:2b:00:00:00, 00:e0:2b:00:00:04, 00:e0:2b:00:00:06, 01:00:0c:00:00:00, 01:00:0c:cc:cc:cc, 01:00:0c:cc:cc:cd, 01:00:0c:cd:cd:cd, 01:00:0c:cc:cc:c0, 01:00:0c:cc:cc:c1, 01:00:0c:cc:cc:c2, 01:00:0c:cc:cc:c3, 01:00:0c:cc:cc:c4, 01:00:0c:cc:cc:c5, 01:00:0c:cc:cc:c6, 01:00:0c:cc:cc:c7 items: description: | A MAC address. Must be 6 pairs of hexadecimal digits, upper or lower case, separated by colons or dashes. Examples: 01:23:45:67:89:ab, 01-23-45-67-89-AB. format: mac-address type: string maxItems: 32 minItems: 0 title: |- Disable BPDU filtering on this whitelist type: array bpdu_filter_enable: default: true description: | Indicates whether BPDU filter is enabled. BPDU filtering is enabled by default. title: |- BPDU filtering status type: boolean dhcp_client_block_enabled: default: false description: | Filters DHCP server and/or client traffic. DHCP server blocking is enabled and client blocking is disabled by default. title: |- Enable DHCP client block type: boolean dhcp_client_block_v6_enabled: default: false description: | Filters DHCP server and/or client IPv6 traffic. DHCP server blocking is enabled and client blocking is disabled by default. title: |- Enable DHCP client block v6 type: boolean dhcp_server_block_enabled: default: true description: | Filters DHCP server and/or client traffic. DHCP server blocking is enabled and client blocking is disabled by default. title: |- Enable DHCP server block type: boolean dhcp_server_block_v6_enabled: default: true description: | Filters DHCP server and/or client IPv6 traffic. DHCP server blocking is enabled and client blocking is disabled by default. title: |- Enable DHCP server block v6 type: boolean non_ip_traffic_block_enabled: default: false description: | A flag to block all traffic except IP/(G)ARP/BPDU. title: |- Enable non IP traffic block type: boolean ra_guard_enabled: default: false description: | Enable or disable Router Advertisement Guard. title: |- Enable Router Advertisement Guard type: boolean rate_limits: $ref: '#/definitions/TrafficRateLimits' rate_limits_enabled: default: false description: | Enable or disable Rate Limits title: |- Enable Rate Limits type: boolean type: object x-vmw-nsx-module: PolicySegmentSecurity description: | Security features extended by policy operations for securing logical segments. title: |- Segment Security Profile x-vmw-nsx-module: PolicySegmentSecurity SegmentSecurityProfileBindingMap: allOf: - $ref: '#/definitions/SecurityProfileBindingMap' - properties: segment_security_profile_path: description: |- The policy path of the asscociated Segment Security profile title: |- Segment Security Profile Path type: string spoofguard_profile_path: description: |- The policy path of the asscociated SpoofGuard profile title: |- SpoofGuard Profile Path type: string type: object x-vmw-nsx-module: PolicySecurityProfileBinding description: | Contains the binding relationship between segment and security profile. title: |- Security profile binding map for segment x-vmw-nsx-module: PolicySecurityProfileBinding SegmentSecurityProfileBindingMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Segment security profile binding map list results items: $ref: '#/definitions/SegmentSecurityProfileBindingMap' title: |- Segment security profile binding map list results type: array required: - results type: object x-vmw-nsx-module: PolicySecurityProfileBinding description: |- Paged collection of segment security profile binding maps title: |- Paged collection of segment security profile binding maps x-vmw-nsx-module: PolicySecurityProfileBinding SegmentSecurityProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Segment Security profile list results items: $ref: '#/definitions/SegmentSecurityProfile' title: |- Segment Security profile list results type: array required: - results type: object x-vmw-nsx-module: PolicySegmentSecurity description: |- Paged collection of segment security profiles title: |- Paged collection of segment security profiles x-vmw-nsx-module: PolicySegmentSecurity SegmentStatistics: allOf: - $ref: '#/definitions/LogicalSwitchStatistics' - type: object x-vmw-nsx-module: PolicyConnectivityStatistics description: |- Segment statistics on specific Enforcement Point. title: |- Segment statistics on specific Enforcement Point x-vmw-nsx-module: PolicyConnectivityStatistics SegmentSubnet: description: |- Subnet configuration for segment properties: dhcp_config: $ref: '#/definitions/SegmentDhcpConfig' dhcp_ranges: description: | DHCP address ranges are used for dynamic IP allocation. Supports address range and CIDR formats. First valid host address from the first value is assigned to DHCP server IP address. Existing values cannot be deleted or modified, but additional DHCP ranges can be added. items: description: | IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are "192.168.1.1", "192.168.1.1-192.168.1.100", "192.168.0.0/24", "fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c", "fe80::250:56ff:fe83:318c/64" format: address-or-block-or-range type: string maxItems: 99 minItems: 1 title: |- DHCP address ranges for dynamic IP allocation type: array gateway_address: description: | Gateway IP address in CIDR format for both IPv4 and IPv6. format: ip-cidr-block title: |- Gateway IP address. type: string network: description: | Network CIDR for this subnet calculated from gateway_addresses and prefix_len. readOnly: true title: |- Network CIDR for subnet type: string title: |- Subnet configuration for segment type: object x-vmw-nsx-module: PolicyConnectivity SelectableResourceReference: allOf: - $ref: '#/definitions/ResourceReference' - properties: selected: description: |- Set to true if this resource has been selected to be acted upon title: |- Set to true if this resource has been selected to be acted upon type: boolean required: - selected type: object x-vmw-nsx-module: ClusterRestore description: |- Resources to take action on title: |- Resources to take action on x-vmw-nsx-module: ClusterRestore SelectiveSyncSettings: allOf: - $ref: '#/definitions/ListResult' - properties: enabled: description: |- Enable or disable SelectiveSync title: |- Enable or disable SelectiveSync type: boolean selected_org_units: description: | If SelectiveSync is enabled, this contains 1 or more OrgUnits, which NSX will synchronize with in LDAP server. The full distiguished name (DN) should be used for OrgUnit. If SelectiveSync is disabled, do not define this or specify an empty list. items: type: string title: |- Selected OrgUnits for SelectiveSync type: array required: - enabled type: object x-vmw-nsx-module: DirectoryService description: |- Directory domain selective sync settings title: |- Directory domain selective sync settings x-vmw-nsx-module: DirectoryService SelfResourceLink: allOf: - $ref: '#/definitions/ResourceLink' - type: object x-vmw-nsx-module: Common description: |- The server will populate this field when returing the resource. Ignored on PUT and POST. title: |- Link to this resource x-vmw-nsx-module: Common Service: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: is_default: default: false description: | The flag, if true, indicates that service is created in the system by default. Such default services can't be modified/deleted. readOnly: true title: |- Flag for default services type: boolean service_entries: description: |- Service type items: $ref: '#/definitions/ServiceEntry' maxItems: 50 title: |- Service type type: array service_type: description: |- Type of service, EITHER or NON_ETHER title: |- Type of service, EITHER or NON_ETHER type: string type: object x-vmw-nsx-module: Policy description: | Used while defining a CommunicationEntry. A service may have multiple service entries. title: |- Contains the information related to a service x-vmw-nsx-module: Policy ServiceCapability: description: |- Service capabilities that will be inherited by service VMs created using a service definition that contains this service capability. properties: can_decrement_si: default: false description: |- Indicating whether service is configured to decrement SI field in NSH metadata. readOnly: true title: |- SI decrement flag type: boolean nsh_liveness_support_enabled: default: false description: |- Indicating whether service supports NSH liveness detection. readOnly: false title: |- NSH liveness support flag type: boolean title: |- Service capabilities type: object x-vmw-nsx-module: ServiceInsertionCommonTypes ServiceChainMapping: description: |- A ServiceInsertionServiceProfile can be part of multiple ServiceChains. ServiceChainMapping for a particular profile will contain a list of all the ServiceChains it's part of. Each Mapping will also contain some metadata to uniquely identify a profile from other profiles. properties: direction: description: |- Each ServiceChain has forward_path_service_profiles and reverse_path_service_profiles. This property will indicate which of them being used. FORWARD - forward_path_service_profiles REVERSE - reverse_path_service_profiles enum: - FORWARD - REVERSE readOnly: true title: |- Direction type: string service_chain_id: description: |- A unique id generated for every ServiceChain. This is not a uuid. readOnly: true title: |- Service Chain id type: string service_index: description: |- Service Index represents a numerical position of a ServiceInsertionServiceProfile in a ServiceChain. It will be in reverse order. Service Index can point to either forward_path_service_profiles or reverse_path_service_profiles indicated by direction property. Example - For a ServiceChain A-B-C, A will have index of 3, B will have index of 2 and C will have index of 1. format: int64 readOnly: true title: |- Service Index type: integer title: |- Service Chain Mapping type: object x-vmw-nsx-module: ServiceInsertionCommonTypes ServiceChainMappingListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of the Service Chain Mappings. The list has to be homogenous. items: $ref: '#/definitions/ServiceChainMapping' readOnly: true title: |- Service Chain Mapping List type: array type: object x-vmw-nsx-module: ServiceInsertion description: |- Service Chain Mapping List title: |- Service Chain Mapping List x-vmw-nsx-module: ServiceInsertion ServiceDefinition: allOf: - $ref: '#/definitions/ManagedResource' - properties: attachment_point: description: |- The point at which the service is deployed/attached for redirecting the traffic to the the partner appliance. Attachment Point is required if Service caters to any functionality other than EPP and MPS. items: enum: - TIER0_LR - TIER1_LR - SERVICE_PLANE type: string maxItems: 2 minItems: 0 readOnly: false title: |- Attachment Point type: array functionalities: description: |- The capabilities provided by the services. Needs to be one or more of the following | NG_FW - Next Generation Firewall | IDS_IPS - Intrusion Detection System / Intrusion Prevention System | NET_MON - Network Monitoring | HCX - Hybrid Cloud Exchange | BYOD - Bring Your Own Device | TLB - Transparent Load Balancer | EPP - Endpoint Protection.(Third party AntiVirus partners using NXGI should use this functionality for the service) | MPS - Malware Prevention Solution items: enum: - NG_FW - IDS_IPS - NET_MON - HCX - BYOD - EPP - TLB - MPS type: string minItems: 1 readOnly: false title: |- Functionality Type type: array implementations: description: |- This indicates the insertion point of the service i.e whether the service will be used to protect North-South or East-West traffic in the datacenter. items: enum: - NORTH_SOUTH - EAST_WEST type: string maxItems: 1 minItems: 1 readOnly: false title: |- Implementation Type type: array on_failure_policy: default: ALLOW description: |- Failure policy for the service tells datapath, the action to take i.e to Allow or Block traffic during failure scenarios. For north-south ServiceInsertion, failure policy in the service instance takes precedence. For east-west ServiceInsertion, failure policy in the service chain takes precedence. BLOCK is not supported for Endpoint protection (EPP) and MPS functionality. enum: - ALLOW - BLOCK readOnly: false title: |- On Failure Policy type: string service_capability: $ref: '#/definitions/ServiceCapability' service_deployment_spec: $ref: '#/definitions/ServiceDeploymentSpec' service_manager_id: description: | ID of the service manager to which this service is attached with. This field is not set during creation of service. This field will be set explicitly when Service Manager is created successfully using this service. readOnly: true title: |- Service Manager Id type: string transports: description: |- Transport Type of the service, which is the mechanism of redirecting the traffic to the the partner appliance. Transport type is required if Service caters to any functionality other than EPP and MPS. items: enum: - L2_BRIDGE - L3_ROUTED - NSH type: string maxItems: 1 minItems: 0 readOnly: false title: |- Transport Type type: array vendor_id: description: |- Id which is unique to a vendor or partner for which the service is created. readOnly: false title: |- Vendor ID type: string required: - vendor_id - implementations - functionalities type: object x-vmw-nsx-module: ServiceInsertionCommonTypes description: |- Registering a Service is the first step in the ServiceInsertion mechanism. A ServiceDefinition is used to create a service. title: |- Definition of a Service. x-vmw-nsx-module: ServiceInsertionCommonTypes ServiceDeploymentSpec: description: |- ServiceDeployment Spec consists of information required to deploy and configure the partner appliances. viz. Deployment template, deployment spec and NIC metatdata. properties: deployment_specs: description: |- Deployment Specs holds information required to deploy the Service-VMs. i.e. OVF url where the partner Service-VM OVF is hosted. The host type on which the OVF can be deployed, Form factor to name a few. items: $ref: '#/definitions/SVMDeploymentSpec' maxItems: 128 readOnly: false title: |- Service Deployment Spec List type: array deployment_template: description: |- Deployment Template holds the attributes specific to partner for which the service is created. These attributes are opaque to NSX Manager. items: $ref: '#/definitions/DeploymentTemplate' readOnly: false title: |- Service Deployment Template type: array nic_metadata_list: description: |- NIC metadata associated with the deployment spec. items: $ref: '#/definitions/NicMetadata' readOnly: false title: |- NIC Metadata type: array svm_version: description: |- Partner needs to specify the Service VM version which will get deployed. title: |- Partner Service-VM version. type: string required: - deployment_template title: |- Service Deployment Specification. type: object x-vmw-nsx-module: ServiceInsertionCommonTypes ServiceEntry: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: resource_type: enum: - IPProtocolServiceEntry - IGMPTypeServiceEntry - ICMPTypeServiceEntry - ALGTypeServiceEntry - L4PortSetServiceEntry - EtherTypeServiceEntry - NestedServiceServiceEntry type: string required: - resource_type type: object x-vmw-nsx-module: Policy description: |- A Service entry that describes traffic title: |- A Service entry that describes traffic x-vmw-nsx-module: Policy ServiceEntryListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Service entry list results items: $ref: '#/definitions/ServiceEntry' title: |- Service entry list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- Paged Collection of Service entries title: |- Paged Collection of Service entries x-vmw-nsx-module: Policy ServiceInsertionServiceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of the Service-Insertion Services. The list has to be homogenous. items: $ref: '#/definitions/ServiceDefinition' readOnly: true title: |- Service list type: array type: object x-vmw-nsx-module: ServiceInsertion description: |- Service List title: |- Service List x-vmw-nsx-module: ServiceInsertion ServiceInstanceEndpoint: allOf: - $ref: '#/definitions/BaseEndpoint' - properties: service_interface_path: description: |- Path of Service Interface to which this ServiceInstanceEndpoint is connected. readOnly: false title: |- Service Interface path type: string required: - service_interface_path type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- A ServiceInstanceEndpoint belongs to one ByodPolicyServiceInstance and is attached to one ServiceInterface. A ServiceInstanceEndpoint represents a redirection target for a RedirectionPolicy. title: |- Service EndPoint for Byod Policy Service Instance x-vmw-nsx-module: PolicyServiceInsertion ServiceInstanceEndpointListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- ServiceInstanceEndpoint list results items: $ref: '#/definitions/ServiceInstanceEndpoint' title: |- ServiceInstanceEndpoint list results type: array required: - results type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Paged Collection of ServiceInstanceEndpoint title: |- Paged Collection of ServiceInstanceEndpoint x-vmw-nsx-module: PolicyServiceInsertion ServiceInterface: allOf: - $ref: '#/definitions/BaseTier0Interface' - type: object x-vmw-nsx-module: PolicyConnectivity description: |- Service interface configuration for internal connectivity. title: |- Service interface configuration x-vmw-nsx-module: PolicyConnectivity ServiceInterfaceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Service Interface list results items: $ref: '#/definitions/ServiceInterface' title: |- Service Interface list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of Service Interfaces title: |- Paged collection of Service Interfaces x-vmw-nsx-module: PolicyConnectivity ServiceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Service list results items: $ref: '#/definitions/Service' title: |- Service list results type: array required: - results type: object x-vmw-nsx-module: Policy description: |- Paged Collection of Services title: |- Paged Collection of Services x-vmw-nsx-module: Policy ServicePath: description: |- An instance of service chain that consists of forward and reverse service paths. properties: forward_path: $ref: '#/definitions/UnidirectionalServicePath' reverse_path: $ref: '#/definitions/UnidirectionalServicePath' service_chain_id: description: |- A unique id of a service chain. format: int64 readOnly: true title: |- Service chain id type: integer service_chain_uuid: description: |- Uuid of a service chain. readOnly: true title: |- Uuid of a service chain type: string service_path_id: description: |- Unique identifier of a service path. format: int64 readOnly: true title: |- Service path id type: integer title: |- Service path type: object x-vmw-nsx-module: ServiceInsertionCommonTypes ServicePathHop: description: |- Represents a service VM implementing a particular service in a service chain properties: action: description: |- Action that will be taken by the corresponding service VM of the hop. enum: - SERVICE_ACTION_INVALID - COPY - REDIRECT readOnly: true title: |- Action type: string can_decrement_si: description: |- Indicating whether service is configured to decrement SI field in NSH metadata. readOnly: true title: |- SI decrement flag type: boolean in_maintenance_mode: description: |- Indicating the maintenance mode of the corresponding service VM. readOnly: true title: |- Maintenance mode flag type: boolean is_active_from_ccp: description: |- Indicating whether the corresponding service VM is active or not per CCP. readOnly: true title: |- Active flag managed by CCP type: boolean is_active_from_dp: description: |- Indicating whether the corresponding service VM is active or not per DP. readOnly: true title: |- Active flag managed by DP type: boolean is_active_from_mp: description: |- Indicating whether the corresponding service VM is active or not per MP. readOnly: true title: |- Active flag managed by MP type: boolean mac_address: description: |- MAC address of the virtual network interface. readOnly: true title: |- MAC address of the virtual network interface. type: string nsh_liveness_support: description: |- Indicating whether NSH liveness is supported or not by the corresponding service VM. readOnly: true title: |- NSH liveness flag type: boolean vif: description: |- ID of the virtual network interface. readOnly: true title: |- Virtual interface id type: string title: |- Service path hop type: object x-vmw-nsx-module: ServiceInsertionCommonTypes ServicePathListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of homogenous service paths items: $ref: '#/definitions/ServicePath' readOnly: true title: |- Service Path list type: array type: object x-vmw-nsx-module: ServiceInsertion description: |- Service path list title: |- Service path list x-vmw-nsx-module: ServiceInsertion ServiceProfileGroups: allOf: - $ref: '#/definitions/ManagedResource' - properties: groups: description: |- List of Groups Used in ServiceInsertion Rules. items: $ref: '#/definitions/GroupInfo' readOnly: true title: |- Group Info List type: array type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- ServiceProfileGroups contains list of Groups referenced in Service Insertion Rules.To be considered, Service profile must be part of a Service chain and that Service chain must be used in a Rule. title: |- Groups used in Service Profile x-vmw-nsx-module: PolicyServiceInsertion ServiceReference: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enabled: default: true description: |- A Service's operational state can be enabled or disabled. Note that would work only for NetX type of services and would not work for Guest Introsp- ection type of Services. TRUE - The Service should be enabled FALSE - The Service should be disabled readOnly: false title: |- Operational state of the Service. type: boolean partner_service_name: description: |- Unique name of Partner Service to be consumed for redirection. title: |- Name of Partner Service type: string required: - partner_service_name type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- An anchor object representing the intent to consume a given 3rd party service. title: |- An anchor object representing the intent to consume a given 3rd party service. x-vmw-nsx-module: PolicyServiceInsertion ServiceReferenceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Service Reference list results items: $ref: '#/definitions/ServiceReference' title: |- Service Reference list results type: array required: - results type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Service Reference List title: |- Service Reference List x-vmw-nsx-module: PolicyServiceInsertion ServiceSegment: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: lr_paths: description: |- Policy paths of logical routers or ports | to which this Service Segment can be connected. items: type: string title: |- Policy paths of logical routers type: array transport_zone_path: description: |- Policy path to transport zone. Only overlay transport zone is supported. title: |- Policy path to the transport zone type: string required: - transport_zone_path type: object x-vmw-nsx-module: PolicyConnectivity description: | Service Segment configuration to attach Service Insertion VM. title: |- Service Segment configuration x-vmw-nsx-module: PolicyConnectivity ServiceSegmentListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Service Segment list results items: $ref: '#/definitions/ServiceSegment' title: |- Service Segment list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of Service Segment title: |- Paged collection of Service Segment x-vmw-nsx-module: PolicyConnectivity SessionTimerProfileBindingListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Session timer profile binding maps list results items: $ref: '#/definitions/SessionTimerProfileBindingMap' title: |- Session timer profile binding maps list results type: array required: - results type: object x-vmw-nsx-module: PolicyProfile description: |- Paged Collection of session timer profile binding maps title: |- Paged Collection of session timer profile binding maps x-vmw-nsx-module: PolicyProfile SessionTimerProfileBindingMap: allOf: - $ref: '#/definitions/ProfileBindingMap' - type: object x-vmw-nsx-module: PolicyProfile description: | This entity will be used to establish association between Session Timer profile and Logical Routers. title: |- Policy Session Timer Profile binding map x-vmw-nsx-module: PolicyProfile SetFields: allOf: - $ref: '#/definitions/Action' - properties: field_settings: description: |- Field Settings. items: $ref: '#/definitions/FieldSetting' minItems: 1 title: |- Field Settings type: array type: object x-vmw-nsx-module: PolicyReaction description: | Set Fields is an action to set fields of the source event. title: |- Set Fields x-vmw-nsx-module: PolicyReaction ShaDynamicPlugin: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: applied_to_group_path: description: | The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin. title: |- Binding Policy group path type: string is_plugin_uploaded: description: | Flag to show the dynamic plugin zip file is uploaded. readOnly: true title: |- Flag to show the dynamic plugin status type: boolean type: object x-vmw-nsx-module: PolicySha description: | Define a kind of dynamic Sha plugin. title: |- Sha dynamic Plugin x-vmw-nsx-module: PolicySha ShaDynamicPluginListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Sha dynamic plugin list results items: $ref: '#/definitions/ShaDynamicPlugin' title: |- Sha dynamic plugin list results type: array required: - results type: object x-vmw-nsx-module: PolicySha description: |- Paged list of Sha dynamic plugin list. title: |- Paged list of Sha dynamic plugin list. x-vmw-nsx-module: PolicySha ShaDynamicPluginProfile: allOf: - $ref: '#/definitions/ShaPluginProfile' - properties: config: description: |- Define the plugin configurtion. title: |- Plugin configuration type: string required: - config type: object x-vmw-nsx-module: PolicySha description: |- Dynamic created plugin profile title: |- Dynamic created plugin profile x-vmw-nsx-module: PolicySha ShaPluginProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: applied_to_group_path: description: | The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin. title: |- Binding Policy group path type: string enabled: description: |- The on-off switch of System Health Plugin title: |- Plugin Enablement Flag type: boolean plugin_path: description: | The policy path of Sha Plugin. It can be pre-defined plugin or dynamic created plugin. title: |- Plugin path type: string resource_type: description: |- Valid System Health plugin types enum: - PredefinedPlugin - DynamicPlugin type: string required: - plugin_path - enabled - resource_type type: object x-vmw-nsx-module: PolicySha description: | The ShaPluginProfile is the base class for System Health plugin profile title: |- Abstract base type for System Health plugin profil of different types x-vmw-nsx-module: PolicySha ShaPluginProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Sha plugin profile list results items: $ref: '#/definitions/ShaPluginProfile' title: |- Sha plugin profile list results type: array required: - results type: object x-vmw-nsx-module: PolicySha description: |- Paged list of Sha plugin profiles. title: |- Paged list of Sha plugin profiles. x-vmw-nsx-module: PolicySha ShaPreDefinedPluginListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Sha plugin list results items: $ref: '#/definitions/ShaPredefinedPlugin' title: |- Sha plugin list results type: array required: - results type: object x-vmw-nsx-module: PolicySha description: |- Paged list of Sha pre-defined plugin list. title: |- Paged list of Sha pre-defined plugin list. x-vmw-nsx-module: PolicySha ShaPredefinedPlugin: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: config: $ref: '#/definitions/ShaPredefinedPluginProfileData' delay_on_reboot: description: | The corresponding plugin will wait for config seconds after reboot. format: int64 readOnly: true title: |- The delay after reboot type: integer enabled: description: |- The on-off switch of Sha plugin readOnly: true title: |- Profile Enablement Flag type: boolean pre_req_conditions: description: | Display the pre-req conditions to run the predefined plugin. items: description: |- Valid pre-req condition enum: - WAVE_FRONT - TSDB - TRACE type: string readOnly: true title: |- The pre-req conditions type: array supported_node_types: description: | Display the running node types of predefined plugin. items: description: |- Valid NSX node type enum: - NSX_ESX - NSX_KVM - NSX_BAREMETAL_SERVER - NSX_EDGE - NSX_PUBLIC_CLOUD_GATEWAY - NSX_MANAGER - NSX_POLICY_MANAGER - NSX_CONTROLLER - GLOBAL_MANAGER type: string readOnly: true title: |- The supported node types type: array type: object x-vmw-nsx-module: PolicySha description: |- System pre-defined plugin config title: |- System pre-defined plugin config x-vmw-nsx-module: PolicySha ShaPredefinedPluginProfile: allOf: - $ref: '#/definitions/ShaPluginProfile' - properties: config: $ref: '#/definitions/ShaPredefinedPluginProfileData' required: - config type: object x-vmw-nsx-module: PolicySha description: |- System predefined plugin profile title: |- System predefined plugin profile x-vmw-nsx-module: PolicySha ShaPredefinedPluginProfileData: description: | Describes a config item for System Health profile. properties: check_interval: description: |- The interval of plugin to check the status. format: int64 title: |- The check interval type: integer report_interval: description: |- The interval of plugin to report the status. format: int64 title: |- The report interval type: integer smallest_report_interval_if_change: description: | The smallest report interval if the status is changed. The value of smallest_report_interval_if_change should be less than the value of report_interval format: int64 title: |- The smallest report interval type: integer title: |- System Health Plugin Config Item type: object x-vmw-nsx-module: PolicySha Site: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: fail_if_rtep_misconfigured: default: true description: | Both the local site and the remote site must have edge clusters correctly configured and remote tunnel endpoint (RTEP) interfaces must be defined, or onboarding will fail. title: |- Fail onboarding if RTEPs misconfigured type: boolean fail_if_rtt_exceeded: default: true description: | Fail onboarding if maximum RTT exceeded. title: |- Fail onboarding if maximum RTT exceeded type: boolean federation_config: $ref: '#/definitions/GmFederationSiteConfig' maximum_rtt: default: 250 description: | If provided and fail_if_rtt_exceeded is true, onboarding of the site will fail if measured RTT is greater than this value. format: int64 maximum: 1000 minimum: 0 title: |- Maximum acceptable packet round trip time (RTT) type: integer site_connection_info: description: | To onboard a site, the connection information (username, password, and API thumbprint) for at least one NSX manager node in the remote site must be provided. Once the site has been successfully onboarded, the site_connection_info is discarded and authentication to the remote site occurs using an X.509 client certificate. items: $ref: '#/definitions/SiteNodeConnectionInfo' maxItems: 3 title: |- Connection information type: array site_number: description: |- 12-bit system generated site number format: int64 readOnly: true title: |- 12-bit system generated site number type: integer type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: | Site represents an NSX deployment having its own set of NSX clusters and transport nodes. It may correspond to a Data Center, VMC deployment, or NSX-Cloud deployment managed via CSM. title: |- Site x-vmw-nsx-module: PolicyEnforcementPointManagement SiteAllocationIndexForEdge: description: | Index for cross site allocation for edge cluster and its members referred by gateway. properties: index: description: | Unqiue edge cluster node index across sites based on stretch of the Gateway. For example, if a Gateway is streched to sites S1 with one edge cluster of 3 nodes and site S2 with one edge cluster of 2 nodes, the in the Global Manager will allocate the index for 5 edge nodes and 2 cluster in the rage 0 to 7. format: int64 readOnly: true title: |- Unique index across sites for gateway span type: integer target_resource_path: description: |- Edge cluster or edge node path readOnly: true title: |- Edge cluster or edge node path type: string title: | Allocation index for edge type: object x-vmw-nsx-module: PolicyConnectivity SiteFederationConfig: description: |- Site fedeation configuration. properties: rtep_ips: description: |- Remote tunnel endpoint IP addresses items: description: |- IPv4 or IPv6 address format: ip type: string readOnly: true title: |- Remote tunnel endpoint IP addresses type: array site_id: description: |- Site UUID readOnly: true title: |- Site UUID type: string site_index: description: |- Unique site index allocated (from range 0-4095) format: int64 readOnly: true title: |- Unique site index allocated (from range 0-4095) type: integer site_path: description: |- Site path readOnly: true title: |- Site path type: string title: |- Site fedeation configuration type: object x-vmw-nsx-module: PolicySiteGM SiteListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Site list result. items: $ref: '#/definitions/Site' title: |- Site List Result type: array required: - results type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Paged Collection of Sites. title: |- Paged Collection of Sites x-vmw-nsx-module: PolicyEnforcementPointManagement SiteNodeConnectionInfo: description: |- Credential info to connect to a node in the federated remote site. properties: fqdn: description: | Please specify the fqdn of the Management Node of your site. title: |- Fully Qualified Domain Name of the Management Node type: string password: description: |- Password to connect to Site's Local Manager. title: |- Password type: string thumbprint: description: | Thumbprint of Site's Local Manager in the form of a SHA-256 hash represented in lower case HEX. title: |- Thumbprint of Enforcement Point type: string username: description: |- Username to connect to Site's Local Manager. title: |- Username type: string required: - fqdn title: |- Site Node Connection Info type: object x-vmw-nsx-module: PolicyEnforcementPointManagement SiteOffBoardingState: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: message: description: | Captures message associated with status. If FAILED, can contain folowing errors local site configuration is null internal server error with detail readOnly: true title: |- Message about the status. type: string previousErrorMessage: description: | Contains previus failed message in case, state machine is stuck in a state readOnly: true title: |- Previous failure message. type: string status: description: | Represents site offboarding status. enum: - INITIALIZE_INPROGRESS - INITIALIZE_FAILED - INITIALIZE_SUCCESSFUL - CLEANUP_INPROGRESS - CLEANUP_FAILED - CLEANUP_SUCCESSFUL - REALIZATION_INPROGRESS - REALIZATION_FAILED - REALIZATION_SUCCESSFUL - TERMINAL_INPROGRESS - TERMINAL_FAILED - FAILED - SUCCESSFUL readOnly: true title: |- Status of site. type: string type: object x-vmw-nsx-module: PolicySiteOffboarding description: | Represents site offboarding status. title: |- Represents site offboarding status. x-vmw-nsx-module: PolicySiteOffboarding SiteOverride: description: |- IPSecVPN site specific attributes specified only on GM. This allows user to specify site specific parameters which overrides the correspondig attributes in the IPSecVpnSession Object. properties: local_endpoint_path: description: |- Policy path referencing Local endpoint. title: |- Local endpoint path type: string locale_service_path: description: |- Policy path referencing LocateService where SiteOverride attributes will be applied title: |- Locale service policy path type: string peer_address: description: |- Public IPV4 address of the remote device terminating the VPN connection. title: |- IPV4 address of peer endpoint on remote site type: string peer_id: description: |- Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. title: |- Peer id type: string tunnel_interfaces: description: |- IP Tunnel interfaces. This property is mandatory for RouteBasedIpSecVpn session. items: $ref: '#/definitions/IPSecVpnTunnelInterface' maxItems: 1 minItems: 1 title: |- IP Tunnel interfaces type: array required: - peer_address - locale_service_path - local_endpoint_path - peer_id title: |- IPSecVpn Site Override Parameters type: object x-vmw-nsx-module: PolicyVpnIPSecVpn SoftwareModule: description: |- Software module details properties: module_name: description: |- Name of the module in the node title: |- Name of the module in the node type: string module_version: description: |- Version of the module in the node title: |- Version of the module in the node type: string required: - module_name - module_version title: |- Software module details type: object x-vmw-nsx-module: FabricNode SoftwareModuleResult: description: |- Software module result properties: software_modules: description: |- Software module results items: $ref: '#/definitions/SoftwareModule' title: |- Software module results type: array required: - software_modules title: |- Software module result type: object x-vmw-nsx-module: FabricNode Source: description: | Source that is logically deemed to be the "object" upon which the Event in question initially occurred upon. The Source is responsible for providing information of the occurred event. Some example sources include: - Resource. - API. discriminator: resource_type properties: resource_type: description: | Event Source resource type. enum: - ResourceOperation - ApiRequestBody title: |- Resource Type type: string required: - resource_type title: |- Event Source type: object x-vmw-nsx-module: PolicyReaction SourceFieldEvaluation: allOf: - $ref: '#/definitions/Evaluation' - properties: expected: description: | Expected values necessary to apply the specified operation on the source field value. items: type: string maxItems: 1 minItems: 1 title: |- Operator Arguments type: array field_pointer: description: | Field in the form of a pointer, describing the location of the attribute within the source of the event. title: |- Field Pointer type: string operator: description: |- Logical operator. enum: - EQ - NOT_EQ title: |- Logical Operator type: string required: - operator - expected - field_pointer type: object x-vmw-nsx-module: PolicyReaction description: | Source Field Evaluation represents an evaluation on resource fields. A source field evaluation will be evaluated against an Event Source which is of type Resource Operation. For instance, the attribute constraint could be related to the necessity that one of the source fields equals one of the specified values. title: |- Source Field Evaluation x-vmw-nsx-module: PolicyReaction SpacerWidgetConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration for spacer widget. For this widget the data source is not applicable. This widget can be use to add the space inside the dashboard container. title: |- Spacer widget Configuration x-vmw-nsx-module: NsxDashboard Span: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: sites: description: | List of SpanSiteInfos representing the strech of the entity. items: $ref: '#/definitions/SpanSiteInfo' readOnly: true title: |- List of SpanSiteInfos type: array span_leader: description: | Represents Policy resource type streached entity's span leader. readOnly: true title: |- Policy resource type of span leader type: string span_resource: description: | Represents Policy resource path of streached entity. readOnly: true title: |- Policy resource path type: string span_resource_type: description: | Policy resource type of the streached entity. readOnly: true title: |- Policy resource type type: string type: object x-vmw-nsx-module: PolicySitesSpan description: | Represents the strech information for a federated entity available only on local manager. title: |- Represents strech information for federated entity. x-vmw-nsx-module: PolicySitesSpan SpanSiteInfo: description: | Represents the Site resource information for a Span entity including both the internal id as well as the site path. properties: site_id: description: | Site UUID representing the Site resource readOnly: true title: |- Internal ID of the Site resource type: string site_path: description: | Path of the Site resource readOnly: true title: |- Path of the Site resource type: string title: |- Represents Site resource for Span entity. type: object x-vmw-nsx-module: PolicySitesSpan SpoofGuardProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: address_binding_allowlist: default: false description: | If true, enable the SpoofGuard, which only allows VM sending traffic with the IPs in the whitelist. This value cannot conflict with whitelist. title: |- Enable SpoofGuard type: boolean address_binding_whitelist: default: false description: | If true, enable the SpoofGuard, which only allows VM sending traffic with the IPs in the whitelist. This field is deprecated because it has offensive terminology. Please use address_binding_allowlist. This value cannot conflict with allow list. title: |- Enable SpoofGuard type: boolean x-deprecated: true required: - address_binding_whitelist - address_binding_allowlist type: object x-vmw-nsx-module: PolicySpoofGuard description: | SpoofGuard is a tool that is designed to prevent virtual machines in your environment from sending traffic with IP addresses which are not authorized to send traffic from. A SpoofGuard policy profile once enabled blocks the traffic determined to be spoofed. title: |- SpoofGuard Profile x-vmw-nsx-module: PolicySpoofGuard SpoofGuardProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- SpoofGuard profile list results items: $ref: '#/definitions/SpoofGuardProfile' title: |- SpoofGuard profile list results type: array required: - results type: object x-vmw-nsx-module: PolicySpoofGuard description: |- Paged collection of SpoofGuard profiles title: |- Paged collection of SpoofGuard profiles x-vmw-nsx-module: PolicySpoofGuard StandaloneHostIdfwConfiguration: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: idfw_enabled: description: |- If set to true, Idfw is enabled for standalone hosts readOnly: false title: |- Idfw enabled flag type: boolean required: - idfw_enabled type: object x-vmw-nsx-module: PolicyFirewallConfiguration description: | Idfw configuration for enable/disable idfw on standalone hosts. title: |- Standalone host idfw configuration x-vmw-nsx-module: PolicyFirewallConfiguration StandardHostSwitch: description: |- Standard host switch specification properties: cpu_config: description: |- CPU configuration specifies number of Logical cpu cores (Lcores) per Non Uniform Memory Access (NUMA) node dedicated to Enhanced Networking Stack enabled HostSwitch to get the best performance. items: $ref: '#/definitions/CpuCoreConfigForEnhancedNetworkingStackSwitch' readOnly: false title: |- Enhanced Networking Stack enabled HostSwitch CPU configuration type: array host_switch_id: description: |- This field is writable only in case of VDS type HostSwitch and system generated for NVDS type. For VDS type host switch, This field is used to lookup a VDS from corresponding Compute Manager and then can be configured for logical networking. For NVDS type host switch, This field is system generated and if provided will be overwritten. title: |- The host switch id. This ID will be used to reference a host switch. type: string host_switch_mode: description: |- STANDARD - This mode applies to all the hypervisors. ENS - This is the Enhanced Data Path switch mode. This mode provides accelerated networking performances but also introduces additional prerequisites. In order to benefit from this mode, workloads will be need to be compiled with DPDK and will use VMXNET3 for their vNIC. This mode is only available on ESX hypervisor (6.7 and above, recommended 6.7 U2 and above) and unavailable on KVM, EDGE and Public Cloud Gateway. Not all NSX features are available in this mode, please consult the documentation. ENS_INTERRUPT - This is an interrupt driven variant of the Enhanced Data Path mode. Please, consult your account representative for applicability. This mode is available only on ESX hypervisor (7.0 and above). If this property is specified, transport_zone_endpoints must be specified at StandardHostSwitch level. enum: - STANDARD - ENS - ENS_INTERRUPT readOnly: false title: |- Operational mode of a HostSwitch. type: string host_switch_name: default: nsxDefaultHostSwitch description: |- This field is writable only in case of NVDS type HostSwitch and system generated for VDS type. For NVDS type host switch, If this name is unset or empty then the default host switch name will be used. The name must be unique among all host switches specified in a given transport node; unset name, empty name and the default host switch name are considered the same in terms of uniqueness. For VDS type host switch, Manager fetches VDS name from corresponding Compute Manager and populates this field. If VDS name is given (correct or incorrect) it is ignored and overwritten with correct one. title: |- host switch name. This name will be used to reference a host switch. type: string x-deprecated: true host_switch_profile_ids: description: |- Host switch profiles bound to this host switch. If a profile ID is not provided for any HostSwitchProfileType that is supported by the transport node, the corresponding default profile will be bound to the host switch. If transport node is created using Policy APIs, use policyPaths instead of UUIDs. items: $ref: '#/definitions/HostSwitchProfileTypeIdEntry' title: |- Identifiers of host switch profiles to be associated with this host switch. type: array host_switch_type: default: NVDS description: |- VDS represents VMware vSphere Distributed Switch from vSphere that is used as HostSwitch through TransportNode or TransportNodeProfile configuration. When VDS is used as a HostSwitch, Hosts have to be added to VDS from vSphere and VDS instance is created on Hosts. To configure NSX on such hosts, you can use this VDS as a HostSwitch from NSX manager. vCenter has the ownership of MTU, LAG, NIOC and LLDP configuration of such VDS backed HostSwitch. Remaining configuration (e.g. UplinkHostswitchProfile) will be managed by NSX. NVDS represents NSX Virtual Switch which is NSX native HostSwitch. All configurations of NVDS will be managed by NSX. HostSwitch of type NVDS has been deprecated on ESX hosts that are managed by a vCenter Server. enum: - NVDS - VDS title: |- Type of HostSwitch type: string ip_assignment_spec: $ref: '#/definitions/IpAssignmentSpec' is_migrate_pnics: default: false description: |- If the pnics specified in the pnics field are used by a single Vsphere Standard Switch or DVS, then migrate the pnics to N-VDS. If any two pnics are not used by the same Vsphere Standard Switch or DVS, it is not supported. In such cases, please migrate them in multiple steps, one Vsphere Standard Switch or DVS at a time. title: |- Migrate any pnics which are in use type: boolean pnics: description: |- Pnics are specified when HostSwitch is of type NVDS. When using the Quick Start workflow on 7.0 clusters, pnic information will be populated by the recommendation when providing a VDS HostSwitch based on a VSS HostSwitch. items: $ref: '#/definitions/Pnic' title: |- Physical NICs connected to the host switch type: array pnics_uninstall_migration: description: |- This is only supported for NVDS type of host switch. If this is specified for VDS type of host switch, an error will be returned to user. The pnics to be migrated out to a non N-VDS switch during transport node deletion. items: $ref: '#/definitions/Pnic' title: |- Physical NICs connected to a switch type: array portgroup_transport_zone_id: description: |- A transport zone will be created for each DVS found across all hosts in a cluster that is installed for NSX on DVPG. This field, populated by NSX, is the ID of the transport zone created for the DVS this host switch represents. All discovered segments created for the DVPGs found on the DVS will have this ID specified as the transport zone id. readOnly: true title: |- Transport Zone ID representing the DVS used in NSX on DVPG type: string transport_zone_endpoints: description: |- List of TransportZones that are to be associated with specified host switch. If this property is specified, host_switch_mode at StandardHostSwitch level must be specified. items: $ref: '#/definitions/TransportZoneEndPoint' readOnly: false title: |- Transport zone endpoints. type: array uplinks: description: |- If VDS is used as a HostSwitch this attribute must be specified. You can associate uplinks from UplinkHostSwitchProfile to either VDS uplink or LAG. VDS uplink or LAG will inherit the global VDS level teaming policy from vSphere. NSX managed uplink or LAG will have NSX teaming policy configured through UplinkHostSwitchProfile. items: $ref: '#/definitions/VdsUplink' title: |- Uplink/LAG of VMware vSphere Distributed Switch connected to the HostSwitch type: array vmk_install_migration: description: |- This is only supported for NVDS type of host switch. If this is specified for VDS type of host switch, an error will be returned to user. The vmk interfaces and the associated logical switches on the host switch. The state of this field is realized on the transport node during creation and update. items: $ref: '#/definitions/VmknicNetwork' title: |- The vmknic and logical switch mappings type: array vmk_uninstall_migration: description: |- This is only supported for NVDS type of host switch. If this is specified for VDS type of host switch, an error will be returned to user. The vmk interfaces and the associated portgroups on the VSS/DVS. This field is realized on the host during transport node deletion or NSX uninstallation to specify the destination for all vmks on N-VDS switches. items: $ref: '#/definitions/VmknicNetwork' title: |- The vmknic and portgroup mappings type: array title: |- Standard host switch specification type: object x-vmw-nsx-module: TransportNode StandardHostSwitchSpec: allOf: - $ref: '#/definitions/HostSwitchSpec' - properties: host_switches: description: |- Transport Node host switches items: $ref: '#/definitions/StandardHostSwitch' minItems: 0 title: |- Transport Node host switches type: array required: - host_switches type: object x-vmw-nsx-module: TransportNode description: |- Standard host switch specification is used for NSX configured transport node. title: |- Specification of transport node standard host switch x-vmw-nsx-module: TransportNode StatItem: description: |- Displayed as a single number. It can be used to show the characteristics of entities such as Logical Switches, Firewall Rules, and so on. For example, number of logical switches and their admin states. properties: drilldown_id: description: |- Id of drilldown widget, if any. Id should be a valid id of an existing widget. title: |- Id of drilldown widget type: string tooltip: description: |- Multi-line text to be shown on tooltip while hovering over the stat. items: $ref: '#/definitions/Tooltip' minItems: 0 title: |- Multi-line tooltip type: array total: description: |- If expression for total is specified, it evaluates it. Total can be omitted if not needed to be shown. title: |- Total type: string value: description: |- Expression for stat to be displayed. maxLength: 1024 title: |- Stat type: string required: - value title: |- Statistic of an entity type: object x-vmw-nsx-module: NsxDashboard StaticARPConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: ip_address: description: |- IP Address format: ip type: string mac_address: description: |- MAC Address format: mac-address type: string required: - ip_address - mac_address type: object x-vmw-nsx-module: PolicyConnectivity description: | Contains Static ARP configuration for Segment. title: |- Static ARP Config x-vmw-nsx-module: PolicyConnectivity StaticFilter: description: |- Static filters properties: additional_value: description: |- An additional key-value pair for static filter. title: |- An additional value for static filter type: object display_name: description: |- display name to be shown in the drop down for static filter. maxLength: 1024 title: |- Display name for static filter type: string short_display_name: description: |- Property value is shown in the drop down input box for a filter. If the value is not provided 'display_name' property value is used. maxLength: 1024 title: |- A property value to be shown once value is selected for a filter. type: string value: description: |- Value of static filter inside dropdown filter. title: |- Value of static filter type: string title: |- Static filters type: object x-vmw-nsx-module: NsxDashboard StaticIpListSpec: allOf: - $ref: '#/definitions/IpAssignmentSpec' - properties: default_gateway: description: |- Gateway IP format: ip readOnly: false type: string ip_list: description: |- List of IPs for transport node host switch virtual tunnel endpoints items: description: |- IPv4 or IPv6 address format: ip type: string maxItems: 32 readOnly: false title: |- List of IPs for transport node host switch virtual tunnel endpoints type: array subnet_mask: description: |- Subnet mask format: ip readOnly: false type: string required: - subnet_mask - ip_list - default_gateway type: object x-vmw-nsx-module: TransportNode description: |- IP assignment specification for Static IP List. title: |- IP assignment specification for Static IP List. x-vmw-nsx-module: TransportNode StaticIpMacListSpec: allOf: - $ref: '#/definitions/IpAssignmentSpec' - properties: default_gateway: description: |- Gateway IP format: ip readOnly: false type: string ip_mac_list: description: |- List of IPs and MACs for transport node host switch virtual tunnel endpoints items: $ref: '#/definitions/IpMacPair' maxItems: 32 readOnly: false title: |- List of IPs and MACs for transport node host switch virtual tunnel endpoints type: array subnet_mask: description: |- Subnet mask format: ip readOnly: false type: string required: - subnet_mask - ip_mac_list - default_gateway type: object x-vmw-nsx-module: TransportNode description: |- IP and MAC assignment specification for Static IP List. title: |- IP and MAC assignment specification for Static IP List. x-vmw-nsx-module: TransportNode StaticIpPoolSpec: allOf: - $ref: '#/definitions/IpAssignmentSpec' - properties: ip_pool_id: readOnly: false type: string required: - ip_pool_id type: object x-vmw-nsx-module: TransportNode description: |- IP assignment specification for Static IP Pool. title: |- IP assignment specification for Static IP Pool. x-vmw-nsx-module: TransportNode StaticMimeContent: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: text_message: description: |- text message. title: |- text message type: string required: - text_message type: object x-vmw-nsx-module: PolicyStaticMimeContent description: |- MIME content with text message and image path in it. title: |- Static MIME content x-vmw-nsx-module: PolicyStaticMimeContent StaticMimeContentListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Policy static mime content list results items: $ref: '#/definitions/StaticMimeContent' title: |- Policy static mime content list results type: array required: - results type: object x-vmw-nsx-module: PolicyStaticMimeContent description: |- Paged Collection of Policy static mime contents title: |- Paged Collection of Policy static mime contents x-vmw-nsx-module: PolicyStaticMimeContent StaticRouteBfdPeer: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: bfd_profile_path: description: |- Bfd Profile is not supported for IPv6 networks. title: |- Policy path to Bfd Profile type: string enabled: default: true description: |- Flag to enable BFD peer. title: |- Enable BFD Peer type: boolean peer_address: description: |- Only IPv4 addresses are supported. Only a single BFD config per peer address is allowed. title: |- IP Address of static route next hop peer type: string scope: description: | Represents the array of policy paths of locale services where this BFD peer should get relalized on. The locale service service and this BFD peer must belong to the same router. Default scope is empty. items: type: string title: |- Array of policy paths of locale services type: array source_addresses: description: |- Array of Tier0 external interface IP addresses. BFD peering is established from all these source addresses to the neighbor specified in peer_address. Only IPv4 addresses are supported. items: type: string maxItems: 8 minItems: 0 title: |- List of source IP addresses type: array required: - peer_address type: object x-vmw-nsx-module: PolicyConnectivity description: |- Static Route Bidirectional Forwarding Detection Peer title: |- Static Route Bidirectional Forwarding Detection Peer x-vmw-nsx-module: PolicyConnectivity StaticRouteBfdPeerListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- StaticRouteBfdPeer list results. items: $ref: '#/definitions/StaticRouteBfdPeer' title: |- StaticRouteBfdPeer list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of StaticRouteBfdPeer. title: |- Paged Colleciton of StaticRouteBfdPeer x-vmw-nsx-module: PolicyConnectivity StaticRoutes: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enabled_on_secondary: default: false description: | When false or by default northbound routes are configured only on the primary location and not on secondary location. When true, the static route will also be configured on a secondary location. Secondary location prefers route learned from the primary location and enabling this flag secondary location can override this. This flag is not applicable if all sites are primary. title: |- Flag to plumb route on secondary site type: boolean network: description: | Specify network address in CIDR format. format: address-or-block-or-range type: string next_hops: description: | Specify next hop routes for network. items: $ref: '#/definitions/RouterNexthop' minItems: 1 title: |- Next hop routes for network type: array required: - next_hops - network type: object x-vmw-nsx-module: PolicyConnectivity description: |- Static routes configuration on Tier-0 or Tier-1. title: |- Static routes configuration on Tier-0 or on Tier-1 x-vmw-nsx-module: PolicyConnectivity StaticRoutesListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Static Routes list results items: $ref: '#/definitions/StaticRoutes' title: |- Static Routes list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of Static Routes title: |- Paged collection of Static Routes x-vmw-nsx-module: PolicyConnectivity StatsConfiguration: allOf: - $ref: '#/definitions/WidgetConfiguration' - properties: label: $ref: '#/definitions/Label' navigation: description: |- Hyperlink of the specified UI page that provides details. maxLength: 1024 title: |- Navigation to a specified UI page type: string sections: description: |- Sections items: $ref: '#/definitions/DonutSection' minItems: 0 title: |- Sections type: array stat: $ref: '#/definitions/StatItem' sub_type: description: |- A sub-type of StatsConfiguration. If sub-type is not specified the parent type is rendered. The COMPACT sub_type, conserves the space for the widget. The statistic is placed on the right side on top of the status bar and the title of the widget is placed on the left side on the top of the status bar. The COMPACT style aligns itself horizontally as per the width of the container. If multiple widgets are placed insided the container then the widgets are placed one below the other to conserve the space. enum: - COMPACT title: |- Sub-type of the StatsConfiguration type: string type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration of a statistic for an entity. Example, number of logical switches and their admin states. title: |- Stats Configuration x-vmw-nsx-module: NsxDashboard StatusCount: properties: degraded_count: description: |- Degraded count format: int32 title: |- Degraded count type: integer down_count: description: |- Down count format: int32 title: |- Down count type: integer status: description: |- Roll-up status enum: - UP - DOWN - DEGRADED - UNKNOWN title: |- Roll-up status type: string up_count: description: |- Up count format: int32 title: |- Up count type: integer type: object x-vmw-nsx-module: Heatmap StorageClasses: allOf: - $ref: '#/definitions/ListResult' - properties: name: description: |- List the name of storage classes items: type: string readOnly: true title: |- List the name of storage classes type: array type: object x-vmw-nsx-module: PolicyCloudNative description: | List Kubernetes storage classes. title: |- Kubernetes storage classes x-vmw-nsx-module: PolicyCloudNative StringArrayConstraintValue: allOf: - $ref: '#/definitions/ConstraintValue' - properties: values: description: |- Array of string values items: type: string maxItems: 100 minItems: 1 title: |- Array of String type: array required: - values type: object x-vmw-nsx-module: PolicyConstraints description: |- List of String values title: |- Array of String Values to perform operation x-vmw-nsx-module: PolicyConstraints SubjectPublicKeyHash: properties: public_key_sha256_hashes: description: |- List of SHA256 hashes of the Public Key of the revoked certificates with the specified subject. items: type: string title: |- SHA256 hashes of Public Keys type: array subject: description: |- Subject Distinguished Name of the revoked certificates. title: |- Subject Distinguished Name (DN) type: string type: object x-vmw-nsx-module: CertificateManager SvmConnectivityStatus: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: connectivity_status: description: |- Connectivity status with the deployed Solution VM TRUE - VM is configured and protected by EPP/AMS Service VM. FALSE - VM is either not configured for protection or VM is disconnected from EPP/AMS Service VM. readOnly: true title: |- Connectivity status with SVM type: boolean service_name: description: |- Service name as provided for Anti Malware Solution or as provided for third party Endpoint Protection solution during service registration. readOnly: true title: |- Service name of Solution type: string solution_id: description: |- Solution ID as provided for Anti Malware Solution(AMS) or as provided for third party Endpoint Protection(EPP) solution during service registration. readOnly: true title: |- SVM solutionID type: string type: object x-vmw-nsx-module: VmToolsInfo x-vmw-nsx-module: VmToolsInfo Tag: description: |- Arbitrary key-value pairs that may be attached to an entity properties: scope: default: '' description: |- Tag searches may optionally be restricted by scope maxLength: 128 readOnly: false title: |- Tag scope type: string tag: default: '' description: |- Identifier meaningful to user with maximum length of 256 characters readOnly: false title: |- Tag value type: string title: |- Arbitrary key-value pairs that may be attached to an entity type: object x-vmw-nsx-module: Common TagBulkOperation: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: apply_to: description: | List of resources on which tag needs to be applied. items: $ref: '#/definitions/ResourceInfo' title: |- List of resources on which tag needs to be applied type: array remove_from: description: | List of resources from which tag needs to be removed. items: $ref: '#/definitions/ResourceInfo' title: |- List of resources from which tag needs to be removed type: array tag: $ref: '#/definitions/Tag' required: - tag type: object x-vmw-nsx-module: PolicyTag description: | Tag and resource information on which tag to be applied or removed. title: |- Payload to update the tag on specified objects x-vmw-nsx-module: PolicyTag TagBulkOperationStatus: description: | Status of tag bulk operation. properties: apply_to: description: | Tag apply operation status per resource type. items: $ref: '#/definitions/ResourceTypeTagStatus' title: |- Tag apply operation status per resource type type: array path: description: |- Intent path corresponding to tag operation title: |- Intent path corresponding to tag operation type: string remove_from: description: | Tag remove operation status per resource type. items: $ref: '#/definitions/ResourceTypeTagStatus' title: |- Tag remove operation status per resource type type: array status: description: |- Overall status enum: - Success - Running - Error - Pending title: |- Overall status type: string tag: $ref: '#/definitions/Tag' required: - status - path - tag title: |- Status of tag bulk operation type: object x-vmw-nsx-module: PolicyTag TagInfo: allOf: - $ref: '#/definitions/Tag' - properties: tagged_objects_count: description: |- Number of objects with assigned with matching scope and tag values format: int32 readOnly: true title: |- Number of objects with assigned with matching scope and tag values type: integer type: object x-vmw-nsx-module: PolicyTag description: |- Information about arbitrary key-value pairs that may be attached to an entity title: |- Information about arbitrary key-value pairs that may be attached to an entity x-vmw-nsx-module: PolicyTag TagInfoListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Tag info list results items: $ref: '#/definitions/TagInfo' title: |- Tag info list results type: array required: - results type: object x-vmw-nsx-module: PolicyTag description: |- Paged Collection of Tags title: |- Paged Collection of Tags x-vmw-nsx-module: PolicyTag TaskListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Task property results items: $ref: '#/definitions/TaskProperties' title: |- Task property results type: array required: - results type: object x-vmw-nsx-module: Tasks description: |- Task query results title: |- Task query results x-vmw-nsx-module: Tasks TaskProperties: allOf: - $ref: '#/definitions/Resource' - properties: async_response_available: description: |- True if response for asynchronous request is available readOnly: true title: |- True if response for asynchronous request is available type: boolean cancelable: description: |- True if this task can be canceled readOnly: true title: |- True if this task can be canceled type: boolean description: description: |- Description of the task readOnly: true title: |- Description of the task type: string end_time: description: |- The end time of the task in epoch milliseconds format: int64 readOnly: true type: integer id: description: |- Identifier for this task readOnly: true title: |- Identifier for this task type: string message: description: |- A message describing the disposition of the task readOnly: true title: |- A message describing the disposition of the task type: string progress: description: |- Task progress if known, from 0 to 100 format: int64 maximum: 100 minimum: 0 readOnly: true title: |- Task progress if known, from 0 to 100 type: integer request_method: description: |- HTTP request method readOnly: true title: |- HTTP request method type: string request_uri: description: |- URI of the method invocation that spawned this task readOnly: true title: |- URI of the method invocation that spawned this task type: string start_time: description: |- The start time of the task in epoch milliseconds format: int64 readOnly: true type: integer status: description: |- Current status of the task enum: - running - error - success - canceling - canceled - killed readOnly: true type: string user: description: |- Name of the user who created this task readOnly: true title: |- Name of the user who created this task type: string type: object x-vmw-nsx-module: Common description: |- Task properties title: |- Task properties x-vmw-nsx-module: Common TcpHeader: properties: dst_port: description: |- Destination port of tcp header format: int64 maximum: 65535 minimum: 0 title: |- Destination port of tcp header type: integer src_port: description: |- Source port of tcp header format: int64 maximum: 65535 minimum: 0 title: |- Source port of tcp header type: integer tcp_flags: description: |- TCP flags (9bits) format: int64 maximum: 511 minimum: 0 title: |- TCP flags (9bits) type: integer type: object x-vmw-nsx-module: Traceflow TcpMaximumSegmentSizeClamping: description: |- TCP MSS Clamping Direction and Value. properties: direction: default: NONE description: | Specifies the traffic direction for which to apply MSS Clamping. enum: - NONE - INBOUND_CONNECTION - OUTBOUND_CONNECTION - BOTH title: |- Maximum Segment Size Clamping Direction type: string max_segment_size: description: | MSS defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is an optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 216 to 8960. format: int64 maximum: 8902 minimum: 108 title: |- Maximum Segment Size Value type: integer title: |- TCP MSS Clamping type: object x-vmw-nsx-module: PolicyVpnIPSecVpn TeamingPolicy: description: |- Uplink Teaming Policy properties: active_list: description: |- List of Uplinks used in active list items: $ref: '#/definitions/Uplink' title: |- List of Uplinks used in active list type: array policy: description: |- Teaming policy enum: - FAILOVER_ORDER - LOADBALANCE_SRCID - LOADBALANCE_SRC_MAC title: |- Teaming policy type: string rolling_order: default: false description: |- Flag for preemptive mode title: |- Flag for preemptive mode type: boolean standby_list: description: |- List of Uplinks used in standby list items: $ref: '#/definitions/Uplink' title: |- List of Uplinks used in standby list type: array required: - policy - active_list title: |- Uplink Teaming Policy type: object x-vmw-nsx-module: UplinkHostSwitchProfile ThreatStatus: properties: status: description: |- Transport node threat status enum: - NORMAL - ABNORMAL title: |- Transport node threat status type: string type: object x-vmw-nsx-module: Heatmap Tier0: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: advanced_config: $ref: '#/definitions/Tier0AdvancedConfig' arp_limit: description: | Maximum number of ARP entries per transport node. format: int32 maximum: 50000 minimum: 5000 title: |- ARP limit per transport node type: integer default_rule_logging: default: false description: | Indicates if logging should be enabled for the default whitelisting rule. This field is deprecated and recommended to change Rule logging field. Note that this field is not synchronized with default logging field. title: |- Enable logging for whitelisted rule type: boolean x-deprecated: true dhcp_config_paths: description: | DHCP configuration for Segments connected to Tier-0. DHCP service is configured in relay mode. items: type: string maxItems: 1 minItems: 0 title: |- DHCP configuration for Segments connected to Tier-0 type: array disable_firewall: default: false description: |- Disable or enable gateway fiewall. title: |- Disable gateway firewall type: boolean failover_mode: default: NON_PREEMPTIVE description: | Determines the behavior when a Tier-0 instance in ACTIVE-STANDBY high-availability mode restarts after a failure. If set to PREEMPTIVE, the preferred node will take over, even if it causes another failure. If set to NON_PREEMPTIVE, then the instance that restarted will remain secondary. This property is not used when the ha_mode property is set to ACTIVE_ACTIVE. Only applicable when edge cluster is configured in Tier0 locale-service. enum: - PREEMPTIVE - NON_PREEMPTIVE title: |- Failover mode type: string federation_config: $ref: '#/definitions/FederationGatewayConfig' force_whitelisting: default: false description: | This field is deprecated and recommended to change Rule action field. Note that this field is not synchronized with default rule field. title: |- Flag to add whitelisting FW rule during realization type: boolean x-deprecated: true ha_mode: default: ACTIVE_ACTIVE description: | Specify high-availability mode for Tier-0. Default is ACTIVE_ACTIVE. When ha_mode is changed from ACTIVE_ACTIVE to ACTIVE_STANDBY, inter SR iBGP (in BGP) is disabled. Changing ha_mode from ACTIVE_STANDBY to ACTIVE_ACTIVE will enable inter SR iBGP (in BGP) and previously configured preferred edge nodes (in Tier0 locale-service) are removed. enum: - ACTIVE_ACTIVE - ACTIVE_STANDBY title: |- High-availability Mode for Tier-0 type: string internal_transit_subnets: description: | Specify subnets that are used to assign addresses to logical links connecting service routers and distributed routers. Only IPv4 addresses are supported. When not specified, subnet 169.254.0.0/24 is assigned by default in ACTIVE_ACTIVE HA mode or 169.254.0.0/28 in ACTIVE_STANDBY mode. items: format: ip-cidr-block type: string maxItems: 1 title: |- Internal transit subnets in CIDR format type: array intersite_config: $ref: '#/definitions/IntersiteGatewayConfig' ipv6_profile_paths: description: | IPv6 NDRA and DAD profiles configuration on Tier0. Either or both NDRA and/or DAD profiles can be configured. items: type: string maxItems: 2 minItems: 0 title: |- IPv6 NDRA and DAD profiles configuration type: array rd_admin_field: description: | If you are using EVPN service, then route distinguisher administrator address should be defined if you need auto generation of route distinguisher on your VRF configuration. format: ip type: string transit_subnets: description: | Specify transit subnets that are used to assign addresses to logical links connecting tier-0 and tier-1s. Both IPv4 and IPv6 addresses are supported. When not specified, subnet 100.64.0.0/16 is configured by default. items: format: ip-cidr-block type: string title: |- Transit subnets in CIDR format type: array vrf_config: $ref: '#/definitions/Tier0VrfConfig' type: object x-vmw-nsx-module: PolicyConnectivity description: |- Tier-0 configuration for external connectivity. title: |- Tier-0 configuration x-vmw-nsx-module: PolicyConnectivity Tier0AdvancedConfig: allOf: - $ref: '#/definitions/ConnectivityAdvancedConfig' - properties: forwarding_up_timer: default: 0 description: | Extra time in seconds the router must wait before sending the UP notification after the peer routing session is established. Default means forward immediately. VRF logical router will set it same as parent logical router. format: int64 maximum: 300 minimum: 0 title: |- Forwarding up timer type: integer type: object x-vmw-nsx-module: PolicyConnectivity description: |- NSX specific configuration for tier-0 title: |- Advanced configuration for tier-0 x-vmw-nsx-module: PolicyConnectivity Tier0DeploymentMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enforcement_point: description: |- Path of enforcement point on which Tier-0 shall be deployed. title: |- Absolute Path of Enforcement Point type: string required: - enforcement_point type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Binding of Tier-0 to the enforcement point. title: |- Tier-0 Deployment Map x-vmw-nsx-module: PolicyEnforcementPointManagement Tier0DeploymentMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Tier-0 Deployment Maps. items: $ref: '#/definitions/Tier0DeploymentMap' title: |- Tier-0 Deployment Maps type: array required: - results type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Paged collection of Tier-0 Deployment Map. title: |- Paged Collection of Tier-0 Deployment Map x-vmw-nsx-module: PolicyEnforcementPointManagement Tier0GatewayState: description: |- Tier0 gateway state properties: auto_rds: $ref: '#/definitions/AutoRds' enforcement_point_path: description: | String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. title: |- Enforcement point path type: string ipv6_status: description: | IPv6 DAD status for interfaces configured on Tier0 items: $ref: '#/definitions/IPv6Status' title: |- IPv6 DAD status for Tier0 interfaces type: array tier0_state: $ref: '#/definitions/LogicalRouterState' tier0_status: $ref: '#/definitions/LogicalRouterStatus' transport_zone: $ref: '#/definitions/PolicyTransportZone' title: |- Tier0 gateway state type: object x-vmw-nsx-module: PolicyConnectivityStatistics Tier0HaVipConfig: description: |- Tier0 HA VIP Config properties: enabled: default: true description: |- Flag to enable this HA VIP config. title: |- Flag to enable this HA VIP config. type: boolean external_interface_paths: description: |- Policy paths to Tier0 external interfaces which are to be paired to provide redundancy. Floating IP will be owned by one of these interfaces depending upon which edge node is Active. items: type: string minItems: 2 title: |- Policy paths to Tier0 external interfaces for providing redundancy type: array vip_subnets: description: |- Array of IP address subnets which will be used as floating IP addresses. items: $ref: '#/definitions/InterfaceSubnet' maxItems: 2 minItems: 1 title: |- VIP floating IP address subnets type: array required: - external_interface_paths - vip_subnets title: |- Tier0 HA VIP Config type: object x-vmw-nsx-module: PolicyConnectivity Tier0Interface: allOf: - $ref: '#/definitions/BaseTier0Interface' - properties: access_vlan_id: description: |- Vlan id. format: int64 type: integer admin_state: description: | This flag is used to enable/disable admin state on tier-0 service port. If admin_state flag value is not specified then default is UP. When set to UP then traffic on service port will be enabled and service port is enabled from routing perspective. When set to DOWN then traffic on service port will be disabled and service port is down from routing perspective. This flag is experimental because it will be used in V2T BYOT migration. This flag should not be set to UP or DOWN if EVPN is configured, and tier-0 LR is in A/S mode. Also this flag can not be set to UP or DOWN for service interfaces which are configured on vrf-lite. enum: - UP - DOWN title: |- Flag to enable/disable admin_state of tier-0 service port type: string edge_cluster_member_index: description: | Specify association of interface with edge cluster member. This property is deprecated, use edge_path instead. When both properties are specifed, only edge_path property is used. format: int32 minimum: 0 title: |- Association of interface with edge cluster member type: integer x-deprecated: true edge_path: description: | Policy path to edge node to handle external connectivity. Required when interface type is EXTERNAL. title: |- Policy path to edge node type: string igmp_local_join_groups: description: | IGMP local join groups configuration. items: description: |- IPv4 address format: ipv4 type: string title: |- IGMP local join groups configuration type: array ipv6_profile_paths: description: | Configuration IPv6 NDRA profile. Only one NDRA profile can be configured. items: type: string maxItems: 1 minItems: 0 title: |- IPv6 NDRA profile configuration type: array ls_id: description: | Specify logical switch to which tier-0 interface is connected for external access. This property is deprecated, use segment_path instead. Both properties cannot be used together. title: |- Logical switch id to attach tier-0 interface type: string x-deprecated: true mtu: description: | Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit. format: int32 minimum: 64 title: |- MTU size type: integer multicast: $ref: '#/definitions/Tier0InterfacePimConfig' ospf: $ref: '#/definitions/PolicyInterfaceOspfConfig' proxy_arp_filters: description: | Array of prefix lists used to specify filtering for ARP proxy. Prefixes in this array are used to configure ARP proxy entries on Tier-0 gateway (for uplinks). items: type: string maxItems: 1 minItems: 0 title: |- List of proxy Address Resolution Protocol Filters type: array segment_path: description: | Specify Segment to which this interface is connected to. Either segment_path or ls_id property is required. title: |- Segment to attach tier-0 interface type: string type: default: EXTERNAL description: | Interface type enum: - EXTERNAL - SERVICE - LOOPBACK title: |- Interface type type: string urpf_mode: default: STRICT description: |- Unicast Reverse Path Forwarding mode enum: - NONE - STRICT title: |- Unicast Reverse Path Forwarding mode type: string type: object x-vmw-nsx-module: PolicyConnectivity description: |- Tier-0 interface configuration for external connectivity. title: |- Tier-0 interface configuration x-vmw-nsx-module: PolicyConnectivity Tier0InterfaceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Tier-0 Interface list results items: $ref: '#/definitions/Tier0Interface' title: |- Tier-0 Interface list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of Tier-0 Interfaces title: |- Paged collection of Tier-0 Interfaces x-vmw-nsx-module: PolicyConnectivity Tier0InterfacePimConfig: description: |- Multicast PIM configuration. properties: enabled: default: false description: | enable/disable PIM configuration. title: |- enable/disable PIM configuration type: boolean hello_interval: default: 30 description: | PIM hello interval(seconds) at interface level. format: int32 maximum: 180 minimum: 1 title: |- PIM hello interval at interface level type: integer hold_interval: description: | PIM hold interval(seconds) at interface level. format: int32 maximum: 630 minimum: 1 title: |- PIM hold interval at interface level type: integer title: |- Multicast PIM configuration type: object x-vmw-nsx-module: PolicyConnectivity Tier0ListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Tier-0 list results items: $ref: '#/definitions/Tier0' title: |- Tier-0 list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of Tier-0s title: |- Paged collection of Tier-0s x-vmw-nsx-module: PolicyConnectivity Tier0RouteMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: entries: description: | Ordered list of route map entries. items: $ref: '#/definitions/RouteMapEntry' maxItems: 1000 minItems: 1 title: |- Ordered list of route map entries type: array required: - entries type: object x-vmw-nsx-module: PolicyConnectivity description: |- RouteMap for redistributing routes to BGP and other routing protocols title: |- RouteMap for redistributing routes to BGP and other routing protocols x-vmw-nsx-module: PolicyConnectivity Tier0RouteMapListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Tier0RouteMap results items: $ref: '#/definitions/Tier0RouteMap' title: |- Tier0RouteMap results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of RouteMaps title: |- Paged collection of RouteMaps x-vmw-nsx-module: PolicyConnectivity Tier0RouteRedistributionConfig: description: |- Route Redistribution config properties: bgp_enabled: default: true description: |- Flag to enable route redistribution for BGP. title: |- Flag to enable route redistribution for BGP. type: boolean ospf_enabled: default: false description: |- Flag to enable route redistribution for OSPF. title: |- Flag to enable route redistribution for OSPF. type: boolean redistribution_rules: default: [] description: | List of redistribution rules. items: $ref: '#/definitions/Tier0RouteRedistributionRule' maxItems: 5 minItems: 0 type: array title: |- Route Redistribution config type: object x-vmw-nsx-module: PolicyConnectivity Tier0RouteRedistributionRule: description: |- Single route redistribution rule properties: destinations: description: | Each rule can have more than one destinations. If destinations not specified for a given rule, default destionation will be BGP items: default: BGP enum: - BGP - OSPF type: string title: |- List of destination for a given redistribution rule type: array name: description: |- Rule name title: |- Rule name type: string route_map_path: description: |- Route map to be associated with the redistribution rule type: string route_redistribution_types: description: |- List of redistribution types items: description: | Tier-0 route redistribution types. TIER0_STATIC: Redistribute user added static routes. TIER0_CONNECTED: Redistribute all subnets configured on Interfaces and routes related to TIER0_SEGMENT, TIER0_DNS_FORWARDER_IP, TIER0_IPSEC_LOCAL_IP, TIER0_NAT types. TIER1_STATIC: Redistribute all subnets and static routes advertised by Tier-1s. TIER0_EXTERNAL_INTERFACE: Redistribute external interface subnets on Tier-0. TIER0_LOOPBACK_INTERFACE: Redistribute loopback interface subnets on Tier-0. TIER0_SEGMENT: Redistribute subnets configured on Segments connected to Tier-0. TIER0_ROUTER_LINK: Redistribute router link port subnets on Tier-0 TIER0_SERVICE_INTERFACE: Redistribute Tier0 service interface subnets. TIER0_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets. TIER0_IPSEC_LOCAL_IP: Redistribute IPSec subnets. TIER0_NAT: Redistribute NAT IPs owned by Tier-0. TIER0_EVPN_TEP_IP: Redistribute EVPN local endpoint subnets on Tier-0. TIER1_NAT: Redistribute NAT IPs advertised by Tier-1 instances. TIER1_LB_VIP: Redistribute LB VIP IPs advertised by Tier-1 instances. TIER1_LB_SNAT: Redistribute LB SNAT IPs advertised by Tier-1 instances. TIER1_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets on Tier-1 instances. TIER1_CONNECTED: Redistribute all subnets configured on Segments and Service Interfaces. TIER1_SERVICE_INTERFACE: Redistribute Tier1 service interface subnets. TIER1_SEGMENT: Redistribute subnets configured on Segments connected to Tier1. TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets advertised by TIER1. Route redistribution destination is BGP. enum: - TIER0_STATIC - TIER0_CONNECTED - TIER0_EXTERNAL_INTERFACE - TIER0_SEGMENT - TIER0_ROUTER_LINK - TIER0_SERVICE_INTERFACE - TIER0_LOOPBACK_INTERFACE - TIER0_DNS_FORWARDER_IP - TIER0_IPSEC_LOCAL_IP - TIER0_NAT - TIER0_EVPN_TEP_IP - TIER1_NAT - TIER1_STATIC - TIER1_LB_VIP - TIER1_LB_SNAT - TIER1_DNS_FORWARDER_IP - TIER1_CONNECTED - TIER1_SERVICE_INTERFACE - TIER1_SEGMENT - TIER1_IPSEC_LOCAL_ENDPOINT type: string title: |- List of redistribution types type: array required: - route_redistribution_types title: |- Single route redistribution rule type: object x-vmw-nsx-module: PolicyConnectivity Tier0SecurityFeature: allOf: - $ref: '#/definitions/SecurityFeatureBase' - properties: feature: description: | Feature to be enabled/disabled. IDFW - Identity Firewall Use any one of this to enable/disabe it. enum: - IDFW type: string required: - feature type: object x-vmw-nsx-module: PolicyGatewaySecurityFeature description: |- T0 Security feature entity with feature details title: |- T0 Security feature entity with feature details x-vmw-nsx-module: PolicyGatewaySecurityFeature Tier0SecurityFeatures: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: features: items: $ref: '#/definitions/Tier0SecurityFeature' type: array required: - features type: object x-vmw-nsx-module: PolicyGatewaySecurityFeature description: |- T0 Security features entity with feature details title: |- T0 Security features entity with feature details x-vmw-nsx-module: PolicyGatewaySecurityFeature Tier0VrfConfig: description: |- Tier-0 vrf configuration. properties: evpn_l2_vni_config: $ref: '#/definitions/VrfEvpnL2VniConfig' evpn_transit_vni: description: | L3 VNI associated with the VRF for overlay traffic of ethernet virtual private network (EVPN). It must be unique and available from the VNI pool defined for EVPN service. It is required for VRF to participate in the EVPN service in INLINE mode. format: int32 title: |- L3 VNI associated with the VRF for overlay traffic type: integer route_distinguisher: description: |- Route distinguisher with format in IPAddress: or ASN:. title: |- Route distinguisher type: string route_targets: description: |- Route targets. items: $ref: '#/definitions/VrfRouteTargets' maxItems: 1 minItems: 1 title: |- Route targets type: array tier0_path: description: | Default tier0 path. Cannot be modified after realization. title: |- Tier0 path type: string required: - tier0_path title: |- Tier-0 vrf configuration type: object x-vmw-nsx-module: PolicyConnectivity Tier1: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: arp_limit: description: | Maximum number of ARP entries per transport node. format: int32 maximum: 50000 minimum: 5000 title: |- ARP limit per transport node type: integer default_rule_logging: default: false description: | Indicates if logging should be enabled for the default whitelisting rule. This field is deprecated and recommended to change Rule logging field. Note that this field is not synchronized with default logging field. title: |- Enable logging for whitelisted rule type: boolean x-deprecated: true dhcp_config_paths: description: | DHCP configuration for Segments connected to Tier-1. DHCP service is enabled in relay mode. items: type: string maxItems: 1 minItems: 0 title: |- DHCP configuration for Segments connected to Tier-1 type: array disable_firewall: default: false description: |- Disable or enable gateway fiewall. title: |- Disable gateway firewall type: boolean enable_standby_relocation: default: false description: | Flag to enable standby service router relocation. Standby relocation is not enabled until edge cluster is configured for Tier1. title: |- Flag to enable standby service router relocation. type: boolean failover_mode: default: NON_PREEMPTIVE description: | Determines the behavior when a Tier-1 instance restarts after a failure. If set to PREEMPTIVE, the preferred node will take over, even if it causes another failure. If set to NON_PREEMPTIVE, then the instance that restarted will remain secondary. Only applicable when edge cluster is configured in Tier1 locale-service. enum: - PREEMPTIVE - NON_PREEMPTIVE title: |- Failover mode type: string federation_config: $ref: '#/definitions/FederationGatewayConfig' force_whitelisting: default: false description: | This field is deprecated and recommended to change Rule action field. Note that this field is not synchornied with default rule field. title: |- Flag to add whitelisting FW rule during realization type: boolean x-deprecated: true ha_mode: description: | Specify high-availability mode for Tier-1. enum: - ACTIVE_STANDBY title: |- High-availability Mode for Tier-1 type: string intersite_config: $ref: '#/definitions/IntersiteGatewayConfig' ipv6_profile_paths: description: | Configuration IPv6 NDRA and DAD profiles. Either or both NDRA and/or DAD profiles can be configured. items: type: string maxItems: 2 minItems: 0 title: |- IPv6 NDRA and DAD profiles configuration type: array pool_allocation: default: ROUTING description: | Supports edge node allocation at different sizes for routing and load balancer service to meet performance and scalability requirements. ROUTING: Allocate edge node to provide routing services. LB_SMALL, LB_MEDIUM, LB_LARGE, LB_XLARGE: Specify size of load balancer service that will be configured on TIER1 gateway. enum: - ROUTING - LB_SMALL - LB_MEDIUM - LB_LARGE - LB_XLARGE title: |- Edge node allocation size type: string qos_profile: $ref: '#/definitions/GatewayQosProfileConfig' route_advertisement_rules: description: |- Route advertisement rules and filtering items: $ref: '#/definitions/RouteAdvertisementRule' title: |- Route advertisement rules and filtering type: array route_advertisement_types: description: | Enable different types of route advertisements. When not specified, routes to IPSec VPN local-endpoint subnets (TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised. items: description: | Control routes advertised by Tier-1 instance. TIER1_STATIC_ROUTES: Advertise all STATIC routes. TIER1_CONNECTED: Advertise all subnets configured on connected Interfaces and Segments. TIER1_NAT: Advertise all NAT IP addresses. TIER1_LB_VIP: Advertise all Load-balancer VIPs. TIER1_LB_SNAT: Advertise all Loadbalancer SNAT IP addresses. TIER1_DNS_FORWARDER_IP: Advertise DNS forwarder source and listener IPs TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets. enum: - TIER1_STATIC_ROUTES - TIER1_CONNECTED - TIER1_NAT - TIER1_LB_VIP - TIER1_LB_SNAT - TIER1_DNS_FORWARDER_IP - TIER1_IPSEC_LOCAL_ENDPOINT type: string title: |- Enable different types of route advertisements type: array tier0_path: description: | Specify Tier-1 connectivity to Tier-0 instance. title: |- Tier-1 connectivity to Tier-0 type: string type: description: | Tier1 connectivity type for reference. Property value is not validated with Tier1 configuration. ROUTED: Tier1 is connected to Tier0 gateway and routing is enabled. ISOLATED: Tier1 is not connected to any Tier0 gateway. NATTED: Tier1 is in ROUTED type with NAT configured locally. enum: - ROUTED - ISOLATED - NATTED title: |- Tier1 type type: string type: object x-vmw-nsx-module: PolicyConnectivity description: | Tier-1 instance configuration. title: |- Tier-1 x-vmw-nsx-module: PolicyConnectivity Tier1DeploymentMap: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: enforcement_point: description: |- Path of enforcement point on which Tier-1 shall be deployed. title: |- Absolute path of Enforcement Point type: string required: - enforcement_point type: object x-vmw-nsx-module: PolicyEnforcementPointManagement description: |- Binding of Tier-1 to the enforcement point. title: |- Tier-1 Deployment Map x-vmw-nsx-module: PolicyEnforcementPointManagement Tier1GatewayState: description: |- Tier1 gateway state properties: enforcement_point_path: description: | String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. title: |- Enforcement point path type: string ipv6_status: description: | IPv6 DAD status for interfaces configured on Tier1 items: $ref: '#/definitions/IPv6Status' title: |- IPv6 DAD status for Tier1 interfaces type: array tier1_state: $ref: '#/definitions/LogicalRouterState' tier1_status: $ref: '#/definitions/LogicalRouterStatus' transport_zone: $ref: '#/definitions/PolicyTransportZone' title: |- Tier1 gateway state type: object x-vmw-nsx-module: PolicyConnectivityStatistics Tier1Interface: allOf: - $ref: '#/definitions/BaseTier0Interface' - properties: admin_state: description: | This flag is used to enable/disable admin state on tier-1 service port. If admin_state flag value is not specified then default is UP. When set to UP then traffic on service port will be enabled and service port is enabled from routing perspective. When set to DOWN then traffic on service port will be disabled and service port is down from routing perspective. This flag is experimental because it will be used in V2T BYOT migration. enum: - UP - DOWN title: |- Flag to enable/disable admin_state of tier-1 service port type: string ipv6_profile_paths: description: | Configrue IPv6 NDRA profile. Only one NDRA profile can be configured. items: type: string maxItems: 1 minItems: 0 title: |- IPv6 NDRA profile configuration type: array mtu: description: | Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit. format: int32 minimum: 64 title: |- MTU size type: integer segment_path: description: | Policy path of Segment to which interface is connected to. title: |- Policy path of Segment to attach interface type: string urpf_mode: default: STRICT description: |- Unicast Reverse Path Forwarding mode enum: - NONE - STRICT title: |- Unicast Reverse Path Forwarding mode type: string required: - segment_path type: object x-vmw-nsx-module: PolicyConnectivity description: |- Tier-1 interface configuration for attaching services. title: |- Tier-1 interface configuration x-vmw-nsx-module: PolicyConnectivity Tier1InterfaceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Tier-1 Interface list results items: $ref: '#/definitions/Tier1Interface' title: |- Tier-1 Interface list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of Tier-1 Interfaces title: |- Paged collection of Tier-1 Interfaces x-vmw-nsx-module: PolicyConnectivity Tier1ListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Tier-1 list results items: $ref: '#/definitions/Tier1' title: |- Tier-1 list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged collection of Tier-1 instances title: |- Paged collection of Tier-1 instances x-vmw-nsx-module: PolicyConnectivity TimeRangeDropdownFilterWidgetConfiguration: allOf: - $ref: '#/definitions/DropdownFilterWidgetConfiguration' - properties: time_range_filter_info: $ref: '#/definitions/TimeRangeFilterInfo' type: object x-vmw-nsx-module: NsxDashboard description: |- Represents configuration for dropdown filter widget for Time Range. title: |- Time Range Dropdown Filter widget Configuration x-vmw-nsx-module: NsxDashboard TimeRangeFilterInfo: description: |- time range filter information properties: from_param_name: default: fromDate description: |- from parameter name used for time range filter from date value. maxLength: 1024 title: |- from parameter name for time range filter. type: string to_param_name: default: toDate description: |- to parameter name used for time range filter to date value. maxLength: 1024 title: |- to parameter name for time range filter type: string value_type: default: EPOCH description: |- type of time range filter value can be epoch, ISO date Format. enum: - EPOCH title: |- type of time range filter value type: string title: |- time range filter information type: object x-vmw-nsx-module: NsxDashboard TlsCertificate: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: details: description: |- list of X509Certificates. items: $ref: '#/definitions/X509Certificate' readOnly: true type: array has_private_key: default: false description: |- whether we have the private key for this certificate. readOnly: true type: boolean pem_encoded: description: |- pem encoded certificate data. readOnly: false type: string purpose: description: |- Purpose of this certificate. Can be empty or set to "signing-ca". enum: - signing-ca readOnly: true type: string tls_certificate_type: description: | Classification of the TlsCertificate helps differentiate how a TlsCertificate could be used for various components either as a client trust certificate; CERTIFICATE_CA, or as a server identity certificate; CERTIFICATE_SIGNED,or CERTIFICATE_SELF_SIGNED. enum: - CERTIFICATE_CA - CERTIFICATE_SIGNED - CERTIFICATE_SELF_SIGNED readOnly: true type: string required: - pem_encoded type: object x-vmw-nsx-module: PolicyCertificate x-vmw-nsx-module: PolicyCertificate TlsCertificateList: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- TlsCertificate list. items: $ref: '#/definitions/TlsCertificate' readOnly: true type: array type: object x-vmw-nsx-module: PolicyCertificate description: |- Certificate queries result title: |- Certificate queries result x-vmw-nsx-module: PolicyCertificate TlsConfigProfileBindingMap: allOf: - $ref: '#/definitions/ProfileBindingMap' - type: object x-vmw-nsx-module: PolicyTlsConfigProfile description: | This entity will be used to establish association between TLS Config profile and Logical Routers. title: |- Policy TLS Config Profile binding map x-vmw-nsx-module: PolicyTlsConfigProfile TlsCrl: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: crl_type: default: X509 description: |- The type of the CRL. It can be "OneCRL" or "X509" (default). enum: - OneCRL - X509 title: |- Type of CRL type: string details: $ref: '#/definitions/X509Crl' details_revoked_by_issuer_and_serial_number: description: |- Certificates revoked by issuer and serial number items: $ref: '#/definitions/IssuerSerialNumber' readOnly: true title: |- Certificates revoked by issuer and serial number type: array details_revoked_by_subject_and_public_key_hash: description: |- Certificates revoked by subject and public key hash items: $ref: '#/definitions/SubjectPublicKeyHash' readOnly: true title: |- Certificates revoked by subject and public key hash type: array one_crl: description: |- JSON-encoded OneCRL-like object readOnly: false title: |- JSON-encoded OneCRL-like object type: string pem_encoded: description: |- Pem encoded crl data. title: |- Pem encoded crl data type: string type: object x-vmw-nsx-module: PolicyCertificate x-vmw-nsx-module: PolicyCertificate TlsCrlListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- TlsCrl list results items: $ref: '#/definitions/TlsCrl' title: |- TlsCrl list results type: array required: - results type: object x-vmw-nsx-module: PolicyCertificate description: |- Paged Collection of TlsCrl title: |- Paged Collection of TlsCrl x-vmw-nsx-module: PolicyCertificate TlsCsr: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: algorithm: default: RSA description: |- Cryptographic algorithm (asymmetric) used by the public key for data encryption. enum: - RSA readOnly: false type: string is_ca: default: false description: |- Whether the CSR is for a CA certificate. type: boolean key_size: default: 4096 description: |- Size measured in bits of the public key used in a cryptographic algorithm. format: int64 readOnly: false type: integer pem_encoded: description: |- PEM encoded certificate data. readOnly: true type: string subject: $ref: '#/definitions/Principal' required: - subject type: object x-vmw-nsx-module: PolicyCertificate x-vmw-nsx-module: PolicyCertificate TlsCsrListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- TlsCsr list results items: $ref: '#/definitions/TlsCsr' title: |- TlsCsr list results type: array required: - results type: object x-vmw-nsx-module: PolicyCertificate description: |- Paged Collection of TlsCsr title: |- Paged Collection of TlsCsr x-vmw-nsx-module: PolicyCertificate TlsCsrWithDaysValid: allOf: - $ref: '#/definitions/TlsCsr' - properties: days_valid: default: 825 description: |- Number of days the certificate will be valid, default 825 days format: int64 maximum: 10000 minimum: 1 title: |- Number of days the certificate will be valid, default 825 days type: integer type: object x-vmw-nsx-module: PolicyCertificate description: |- CSR data with days valid title: |- CSR data with days valid x-vmw-nsx-module: PolicyCertificate TlsInspectionExternalProfile: allOf: - $ref: '#/definitions/TlsProfile' - properties: client_cipher_suite: default: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_CBC_SHA256 description: | Client's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. items: description: |- TLS balanced cipher enum: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA type: string maxItems: 128 title: |- List of cipher suites client supports type: array client_max_tls_version: default: TLS_V1_2 description: |- Client's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported TLS versions are TLS1.1 and TLS1.2. enum: - TLS_V1_2 - TLS_V1_1 - TLS_V1_0 type: string client_min_tls_version: default: TLS_V1_1 description: |- Client's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported TLS versions are TLS1.1 and TLS1.2. enum: - TLS_V1_2 - TLS_V1_1 - TLS_V1_0 type: string crypto_enforcement: default: ENFORCE description: | If enforced and if TLS protocol Client/Server Hello has none of the permitted TLS versions or ciphers then the connection is immediately terminated. enum: - ENFORCE - TRANSPARENT type: string decryption_fail_action: default: BYPASS description: |- Action to take when TLS handshake fails. enum: - BLOCK - BYPASS type: string invalid_cert_action: default: ALLOW description: |- If presented invalid certificates take this action. enum: - BLOCK - ALLOW type: string ocsp_must_staple: default: false description: |- true - enable the ocsp must staple, false - disable it. title: |- Flag to enable/disable ocsp must staple type: boolean proxy_trusted_ca_cert: description: | Proxy trusted ca cert and key used to issue valid ca certificate. This is the subordinate CA cert (referred to as Proxy CA) by the Enterprise Issuing CA. title: |- Proxy trusted ca cert and key type: string proxy_untrusted_ca_cert: description: |- Proxy untrusted ca cert and key used to issue invalid ca certificate title: |- Proxy untrusted ca cert and key type: string server_cipher_suite: default: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_CBC_SHA256 description: | Server's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. items: description: |- TLS balanced cipher enum: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA type: string maxItems: 128 title: |- List of cipher suites server support type: array server_max_tls_version: default: TLS_V1_2 description: |- Server's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2. enum: - TLS_V1_2 - TLS_V1_1 - TLS_V1_0 type: string server_min_tls_version: default: TLS_V1_1 description: |- Server's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2. enum: - TLS_V1_2 - TLS_V1_1 - TLS_V1_0 type: string tls_config_setting: default: BALANCED description: | Pre-defined config settings. Settings could be one of Balanced, High Fidelity, High Security, Custom enum: - BALANCED - HIGH_FIDELITY - HIGH_SECURITY - CUSTOM type: string required: - proxy_untrusted_ca_cert - proxy_trusted_ca_cert type: object x-vmw-nsx-module: PolicyTlsActionProfile description: |- External inspection profile is used when the TLS connection is destined to a service not owned by the enterprise. title: |- TLS inspection external profile x-vmw-nsx-module: PolicyTlsActionProfile TlsInspectionInternalProfile: allOf: - $ref: '#/definitions/TlsProfile' - properties: certificate_validation: default: false description: |- true - enable the certificate validation; false - disable it. title: |- Flag to enable/disable certificate validation type: boolean client_cipher_suite: default: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_CBC_SHA256 description: | Client's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. items: description: |- TLS balanced cipher enum: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA type: string maxItems: 128 title: |- List of cipher suites client supports type: array client_max_tls_version: default: TLS_V1_2 description: |- Client's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2. enum: - TLS_V1_2 - TLS_V1_1 - TLS_V1_0 type: string client_min_tls_version: default: TLS_V1_1 description: |- Client's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2. enum: - TLS_V1_2 - TLS_V1_1 - TLS_V1_0 type: string crypto_enforcement: default: ENFORCE description: | If enforced and if TLS protocol Client/Server Hello has none of the permitted TLS versions or ciphers then the connection is immediately terminated. enum: - ENFORCE - TRANSPARENT type: string decryption_fail_action: default: BYPASS description: |- Action to take when TLS handshake fails. enum: - BLOCK - BYPASS type: string default_cert_key: description: |- Default server certificate presented to the user. title: |- One of the actual server certificate presented to the client type: string ocsp_must_staple: default: false description: |- true - enable the ocsp must staple, false - disable it. title: |- Flag to enable/disable ocsp must staple type: boolean server_certs_key: description: |- Server certificate presented to the client. items: type: string maxItems: 100 title: |- Actual server certificate key type: array server_cipher_suite: default: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_CBC_SHA256 description: | Server's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. items: description: |- TLS balanced cipher enum: - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS_RSA_WITH_AES_128_GCM_SHA256 - TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS_RSA_WITH_AES_256_GCM_SHA384 - TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS_RSA_WITH_AES_256_CBC_SHA - TLS_RSA_WITH_AES_128_CBC_SHA type: string maxItems: 128 title: |- List of cipher suites server support type: array server_max_tls_version: default: TLS_V1_2 description: |- Server's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.0, TLS1.1 and TLS1.2 enum: - TLS_V1_2 - TLS_V1_1 - TLS_V1_0 type: string server_min_tls_version: default: TLS_V1_1 description: |- Server's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. supported versions are TLS1.1 and TLS1.2. enum: - TLS_V1_2 - TLS_V1_1 - TLS_V1_0 type: string tls_config_setting: default: BALANCED description: | Pre-defined config settings. Settings could be one of Balanced, High Fidelity, High Security, Custom enum: - BALANCED - HIGH_FIDELITY - HIGH_SECURITY - CUSTOM type: string required: - server_certs_key type: object x-vmw-nsx-module: PolicyTlsActionProfile description: |- Internal inspection Profile is used when the TLS connection is destined to a service not owned by the enterprise. title: |- TLS inspection internal profile x-vmw-nsx-module: PolicyTlsActionProfile TlsListenerCertificate: description: | Returns the certificate and thumbprint of a remote TLS listener, if the listener is running and accepting requests. If the certificate cannot be retrieved, the result property describes the problem. properties: certificate: $ref: '#/definitions/X509Certificate' result: description: |- Result of get certificate operation. enum: - SUCCESS - CONNECTION_TIMEOUT - NO_ROUTE_TO_HOST - CONNECTION_REFUSED title: |- Result of get certificate operation type: string thumbprint: description: |- The SHA-256 thumbprint of the TLS listener. readOnly: true title: |- The SHA-256 thumbprint of the TLS listener type: string title: |- Remote TLS Listener Certificate type: object x-vmw-nsx-module: PolicySiteGM TlsPolicy: allOf: - $ref: '#/definitions/Policy' - properties: rules: description: |- Rules that are a part of this TLSPolicy items: $ref: '#/definitions/TlsRule' title: |- Rules that are a part of this TLSPolicy type: array type: object x-vmw-nsx-module: PolicyTls description: |- Contains ordered list of Rules for TLSPolicy title: |- Contains ordered list of Rules for TLSPolicy x-vmw-nsx-module: PolicyTls TlsPolicyListResult: allOf: - $ref: '#/definitions/PolicyListResult' - properties: results: description: |- TLSPolicy list results items: $ref: '#/definitions/TlsPolicy' title: |- TLSPolicy list results type: array required: - results type: object x-vmw-nsx-module: PolicyTls description: |- Paged Collection of TLS inspection policies title: |- Paged Collection of TLS inspection policies x-vmw-nsx-module: PolicyTls TlsProfile: allOf: - $ref: '#/definitions/PolicyConfigResource' - discriminator: resource_type properties: attention: description: | Used to indicate an TLS version or Cipher version pre-defined settings mis-match. readOnly: true title: |- TLS Pre-defined settings mis-match type: string crls: default: - /infra/crls/default_public_crl description: | Bypass profile - CRL is required if the "invalid_certificate" action is allow. External profile - CRL is always required. Internal profile - CRL is required if "certificate_validation" is turned on. items: type: string maxItems: 100 title: |- Certificate Revocation List Ids type: array idle_connection_timeout: default: 5400 description: |- Timeout the connection when kept idle. Default is 90 minutes. format: int32 maximum: 4320000 minimum: 1 title: |- Idle connection timeout in seconds type: integer resource_type: description: |- Resource type to use as profile type enum: - TlsInspectionBypassProfile - TlsInspectionExternalProfile - TlsInspectionInternalProfile title: |- Resource type to use as profile type. type: string trusted_ca_bundles: default: - /infra/cabundles/default_trusted_public_ca_bundle description: | Bypass profile - CA bundle is required if the "invalid_certificate" action is allow. External profile - CA bundle is always required. Internal profile - CA bundle is required if "certificate_validation" is turned on. items: type: string maxItems: 100 title: |- List of CA bundle Ids type: array required: - resource_type type: object x-vmw-nsx-module: PolicyTlsActionProfile x-vmw-nsx-module: PolicyTlsActionProfile TlsProfileListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of TLS profiles. items: $ref: '#/definitions/TlsProfile' readOnly: true title: |- List of the TLS profiles type: array type: object x-vmw-nsx-module: PolicyTlsActionProfile x-vmw-nsx-module: PolicyTlsActionProfile TlsRule: allOf: - $ref: '#/definitions/BaseRule' - properties: tls_profile: description: |- TLS profile path. title: |- TLS inspection action profile path type: string required: - tls_profile type: object x-vmw-nsx-module: PolicyTls description: |- A rule indicates the decryption actions to be performed for various types of traffic flowing between workload groups. title: |- A rule specifies the TLS policy rule between the workload groups x-vmw-nsx-module: PolicyTls TlsRuleListResult: allOf: - $ref: '#/definitions/BaseRuleListResult' - properties: results: description: |- TLS Rule list results items: $ref: '#/definitions/TlsRule' title: |- TLS Rule list results type: array required: - results type: object x-vmw-nsx-module: PolicyTls description: |- Paged Collection of Rules title: |- Paged Collection of Rules x-vmw-nsx-module: PolicyTls TlsStateObject: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: failure_reasons: default: [] description: |- TLS inspection failure reasons. items: type: string maxItems: 128 title: |- TLS inspection failure reasons type: array fqdn: description: | Fully Qualified Domain Name. title: |- Fully Qualified Domain Name type: string inspection_action: default: INVALID description: | TLS inspection bypass action. enum: - INVALID - BYPASS - DROP - REJECT title: |- TLS inspection action type: string scope: description: | Tier-0/Tier-1 Logical Router policy path title: |- Tier-0/Tier-1 Logical Router policy path type: string required: - fqdn type: object x-vmw-nsx-module: PolicyTlsState description: | TLS state title: | TLS state x-vmw-nsx-module: PolicyTlsState TlsStateObjectListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: | TLS state list results. items: $ref: '#/definitions/TlsStateObject' title: |- TLS state list results. type: array required: - results type: object x-vmw-nsx-module: PolicyTlsState x-vmw-nsx-module: PolicyTlsState TlsTrustData: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: key_algo: description: |- Key algorithm contained in this certificate. type: string passphrase: description: |- Password for private key encryption. readOnly: false type: string pem_encoded: description: |- pem encoded certificate data. readOnly: false type: string private_key: description: |- private key data readOnly: false type: string purpose: description: |- Purpose of this certificate. Can be empty or set to "signing-ca". enum: - signing-ca readOnly: false type: string required: - pem_encoded type: object x-vmw-nsx-module: PolicyCertificate x-vmw-nsx-module: PolicyCertificate TnHyperbusStatus: properties: hyperbus_status: description: |- Display the hyperbus status enum: - UNKNOWN - HEALTHY - UNHEALTHY - DEGRADED type: string transport_node_id: description: |- Transport node id. title: |- Transport node id type: string required: - hyperbus_status - transport_node_id type: object x-vmw-nsx-module: TnContainerStatus TnNodeAgentStatusListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Container agent status items: $ref: '#/definitions/TnNodeAgentstatus' readOnly: true title: |- Container agent status type: array type: object x-vmw-nsx-module: TnContainerStatus description: |- Container agent status list result title: |- Container agent status list result x-vmw-nsx-module: TnContainerStatus TnNodeAgentstatus: properties: hyperbus_connection_status: description: |- Show the Node Agent connected VM vif status. enum: - UNKNOWN - HEALTHY - UNHEALTHY - DEGRADED type: string vif_id: description: |- Connected VM vif id. title: |- Connected VM VIF id type: string required: - hyperbus_connection_status - vif_id type: object x-vmw-nsx-module: TnContainerStatus TnNodeStackSpanStatus: description: | List all the TNs spaned in L3PortMirrorSession mirror stack health status. properties: dedicated_stack_status: description: | Show the dedicated mirror stack health status, if the TN node has the mirror stack, it will show SUCCESS or it will show FAILED. enum: - UNKNOWN - SUCCESS - FAILED type: string detail: description: | Give the detail info for mirror stack and vmknic health status. If the stack or vmknic is FAILED, detail info will tell user reason why the stauts is FAILED. So that user can correct their configuration. title: |- give detail info and reason about the vmknic and statck status type: string last_updated_time: description: | TN miror stack status will be updated periodically, this item indicates the lastest timestamp of TN node stack status is updated. format: int64 type: integer tn_node_id: description: | For L3PortMirrorSession configured mirror stack, show the TN node UUID which spaned in L3PortMirrorSession. title: |- TN node ID that configured L3PortMirrorSession mirror stack type: string tn_node_name: description: | For L3PortMirrorSession configured mirror stack, show the TN node friendly name which spaned in L3PortMirrorSession. title: |- TN node name that configured L3SPAN mirror stack type: string vmknic_status: description: | Show the vmknic health status, if the vmknic has been bouned to mirror stack, it will show SUCCESS or it will show FAILED. enum: - UNKNOWN - SUCCESS - FAILED type: string required: - tn_node_name - dedicated_stack_status - vmknic_status - detail - last_updated_time title: |- List all L3PortMirrorSession TN nodes mirror stack health status type: object x-vmw-nsx-module: PortMirroring Tooltip: description: |- Tooltip to be shown while hovering over the dashboard UI element. properties: condition: description: |- If the condition is met then the tooltip will be applied. If no condition is provided, then the tooltip will be applied unconditionally. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API. maxLength: 1024 title: |- Expression for evaluating condition type: string heading: description: |- If true, displays tooltip text in bold title: |- Tooltip will be treated as header. type: boolean text: description: |- Text to be shown on tooltip while hovering over UI element. The text would be wrapped if it exceeds 80 chars. maxLength: 1024 title: |- Textbox shown at tooltip type: string required: - text title: |- Tooltip type: object x-vmw-nsx-module: NsxDashboard TraceActionArgument: properties: dest_lport: description: | It is required only when the type of trace is bidirectional. Please keep this field aligned with the destination logical port of packet capture action config when the type of packet capture action is bidirectional. readOnly: true title: |- Destination logical port for bidirectional trace type: string reverse_filter: $ref: '#/definitions/LiveTraceFilterData' trace_type: description: |- Type of trace enum: - UNI_DIRECTIONAL - BI_DIRECTIONAL readOnly: true title: |- Type of trace type: string type: object x-vmw-nsx-module: LiveTrace TraceActionConfig: properties: action_argument: $ref: '#/definitions/TraceActionArgument' sampling_argument: $ref: '#/definitions/SamplingArgument' type: object x-vmw-nsx-module: LiveTrace TraceResult: properties: analysis: description: |- Trace action result analysis notes items: type: string readOnly: true title: |- Trace action result analysis notes type: array counters: $ref: '#/definitions/TraceflowObservationCounters' direction: description: |- Direction of a trace enum: - FORWARD - BACKWARD readOnly: true title: |- Direction of a trace type: string logical_counters: $ref: '#/definitions/TraceflowObservationCounters' observations: description: |- Trace observation list items: $ref: '#/definitions/TraceflowObservation' readOnly: true title: |- Trace observation list type: array packet_id: description: |- Packet ID in the session readOnly: true title: |- Packet ID in the session type: string result_overflowed: description: |- Whether some observations were deleted from the result set readOnly: true title: |- Whether some observations were deleted from the result set type: boolean type: object x-vmw-nsx-module: LiveTrace Traceflow: allOf: - $ref: '#/definitions/ManagedResource' - properties: analysis: description: |- Traceflow result analysis notes items: type: string readOnly: true title: |- Traceflow result analysis notes type: array counters: $ref: '#/definitions/TraceflowObservationCounters' id: description: |- The id of the traceflow round readOnly: true title: |- The id of the traceflow round type: string logical_counters: $ref: '#/definitions/TraceflowObservationCounters' lport_id: description: |- id of the source logical port used for injecting the traceflow packet readOnly: true title: |- id of the source logical port used for injecting the traceflow packet type: string operation_state: description: |- Represents the traceflow operation state enum: - IN_PROGRESS - FINISHED - FAILED readOnly: true title: |- Represents the traceflow operation state type: string request_status: description: |- The status of the traceflow RPC request. SUCCESS - The traceflow request is sent successfully. TIMEOUT - The traceflow request gets timeout. SOURCE_PORT_NOT_FOUND - The source port of the request cannot be found. DATA_PATH_NOT_READY - The datapath component cannot be ready to receive request. CONNECTION_ERROR - There is connection error on datapath component. UNKNOWN - The status of traceflow request cannot be determined. enum: - SUCCESS - TIMEOUT - SOURCE_PORT_NOT_FOUND - DATA_PATH_NOT_READY - CONNECTION_ERROR - UNKNOWN readOnly: true title: |- Traceflow request status type: string result_overflowed: description: |- A flag, when set true, indicates some observations were deleted from the result set. readOnly: true title: |- A flag, when set true, indicates some observations were deleted from the result set. type: boolean timeout: description: |- Maximum time (in ms) the management plane will be waiting for this traceflow round. Upper limit for federation case is 90000, for non-federation case is 15000, the maximum is set to 90000 as the higher of the two cases. format: int64 maximum: 90000 minimum: 5000 readOnly: true title: |- Timeout (in ms) for traceflow observations result list type: integer type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TraceflowConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: is_transient: default: true description: |- This field indicates if intent is transient and will be cleaned up by the system if set to true title: |- Marker to indicate if intent is transient type: boolean packet: $ref: '#/definitions/PacketData' segment_port_path: description: |- Segment Port Path or UUID title: |- Segment Port Path or UUID type: string timeout: default: 10 description: |- Timeout for traceflow observation results format: int64 maximum: 15 minimum: 5 title: |- Timeout for traceflow observation results type: integer required: - packet - segment_port_path type: object x-vmw-nsx-module: PolicyConnectivity description: |- Traceflow configuration title: |- Traceflow configuration x-vmw-nsx-module: PolicyConnectivity TraceflowConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- TraceflowConfig list results items: $ref: '#/definitions/TraceflowConfig' title: |- TraceflowConfig list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Paged Collection of TraceflowConfigs title: |- Paged Collection of TraceflowConfigs x-vmw-nsx-module: PolicyConnectivity TraceflowObservation: discriminator: resource_type properties: component_name: description: |- The name of the component that issued the observation. readOnly: true title: |- The name of the component that issued the observation. type: string component_sub_type: description: |- The sub type of the component that issued the observation. enum: - LR_TIER0 - LR_TIER1 - LR_VRF_TIER0 - LS_TRANSIT - SI_CLASSIFIER - SI_PROXY - VDR - ENI - AWS_GATEWAY - TGW_ROUTE - EDGE_UPLINK - DELL_GATEWAY - LGW_ROUTE - UNKNOWN readOnly: true type: string component_type: description: |- The type of the component that issued the observation. enum: - PHYSICAL - LR - LS - DFW - BRIDGE - EDGE_TUNNEL - EDGE_HOSTSWITCH - FW_BRIDGE - EDGE_RTEP_TUNNEL - LOAD_BALANCER - NAT - IPSEC - SERVICE_INSERTION - VMC - SPOOFGUARD - EDGE_FW - DLB - ANTREA_SPOOFGUARD - ANTREA_LB - ANTREA_ROUTING - ANTREA_DFW - ANTREA_FORWARDING - HOST_SWITCH - UNKNOWN readOnly: true type: string resource_type: enum: - TraceflowObservationForwarded - TraceflowObservationDropped - TraceflowObservationDelivered - TraceflowObservationReceived - TraceflowObservationForwardedLogical - TraceflowObservationDroppedLogical - TraceflowObservationReceivedLogical - TraceflowObservationReplicationLogical - TraceflowObservationRelayedLogical type: string sequence_no: description: |- the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation. format: int64 readOnly: true title: |- the sequence number is the traceflow observation hop count type: integer timestamp: description: |- Timestamp when the observation was created by the transport node (milliseconds epoch) format: int64 readOnly: true type: integer timestamp_micro: description: |- Timestamp when the observation was created by the transport node (microseconds epoch) format: int64 readOnly: true title: |- Timestamp when the observation was created by the transport node type: integer transport_node_id: description: |- id of the transport node that observed a traceflow packet readOnly: true title: |- id of the transport node that observed a traceflow packet type: string transport_node_name: description: |- name of the transport node that observed a traceflow packet readOnly: true title: |- name of the transport node that observed a traceflow packet type: string transport_node_type: description: |- type of the transport node that observed a traceflow packet enum: - ESX - RHELKVM - UBUNTUKVM - CENTOSKVM - RHELCONTAINER - CENTOSCONTAINER - RHELSERVER - UBUNTUSERVER - CENTOSSERVER - SLESKVM - SLESSERVER - WINDOWSSERVER - RHELSMARTNIC - OELSERVER - UBUNTUSMARTNIC - EDGE - PUBLIC_CLOUD_GATEWAY_NODE - OTHERS - HYPERV readOnly: true type: string required: - resource_type type: object x-vmw-nsx-module: Traceflow TraceflowObservationCounters: properties: delivered_count: description: |- Total number of delivered observations for this traceflow round. format: int64 readOnly: true title: |- Delivered observation count type: integer dropped_count: description: |- Total number of dropped observations for this round. format: int64 readOnly: true title: |- Dropped observation count type: integer forwarded_count: description: |- Total number of forwarded observations for this traceflow round. format: int64 readOnly: true title: |- Forwarded observation count type: integer received_count: description: |- Total number of received observations for this traceflow round. format: int64 readOnly: true title: |- Received observation count type: integer type: object x-vmw-nsx-module: Traceflow TraceflowObservationDelivered: allOf: - $ref: '#/definitions/TraceflowObservation' - properties: lport_id: description: |- The id of the logical port into which the traceflow packet was delivered readOnly: true title: |- The id of the logical port into which the traceflow packet was delivered type: string lport_name: description: |- The name of the logical port into which the traceflow packet was delivered readOnly: true title: |- The name of the logical port into which the traceflow packet was delivered type: string resolution_type: description: |- This field specifies the resolution type of ARP ARP_SUPPRESSION_PORT_CACHE - ARP request is suppressed by port DB ARP_SUPPRESSION_TABLE - ARP request is suppressed by ARP table ARP_SUPPRESSION_CP_QUERY - ARP request is suppressed by info derived from CP ARP_VM - No suppression and the ARP request is resolved. enum: - UNKNOWN - ARP_SUPPRESSION_PORT_CACHE - ARP_SUPPRESSION_TABLE - ARP_SUPPRESSION_CP_QUERY - ARP_VM readOnly: true title: |- The resolution type of the delivered message for ARP type: string target_mac: description: | The source MAC address of form: "^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$". For example: 00:00:00:00:00:00. readOnly: true title: |- MAC address of the resolved IP by ARP type: string vlan_id: description: |- VLAN on bridged network format: int64 type: integer type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TraceflowObservationDropped: allOf: - $ref: '#/definitions/TraceflowObservation' - properties: acl_rule_id: description: | This field is specified when the traceflow packet matched a L3 firewall rule. format: int64 readOnly: true title: |- The id of the L3 firewall rule that was applied to drop the traceflow packet type: integer arp_fail_reason: description: |- This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction enum: - ARP_UNKNOWN - ARP_TIMEOUT - ARP_CPFAIL - ARP_FROMCP - ARP_PORTDESTROY - ARP_TABLEDESTROY - ARP_NETDESTROY readOnly: true title: |- The detailed drop reason of ARP traceflow packet type: string jumpto_rule_id: description: | This field is specified when the traceflow packet matched a jump-to rule. format: int64 readOnly: true title: |- The ID of the jump-to rule that was applied to the traceflow packet type: integer l2_rule_id: description: | This field is specified when the traceflow packet matched a l2 rule. format: int64 readOnly: true title: |- The ID of the l2 rule that was applied to the traceflow packet type: integer lport_id: description: |- The id of the logical port at which the traceflow packet was dropped readOnly: true title: |- The id of the logical port at which the traceflow packet was dropped type: string lport_name: description: |- The name of the logical port at which the traceflow packet was dropped readOnly: true title: |- The name of the logical port at which the traceflow packet was dropped type: string nat_rule_id: description: | This field is specified when the traceflow packet matched a NAT rule. format: int64 readOnly: true title: |- The ID of the NAT rule that was applied to drop the traceflow packet type: integer reason: description: |- The reason traceflow packet was dropped enum: - ARP_FAIL - BFD - BROADCAST - DHCP - DLB - FW_RULE - GENEVE - GRE - IFACE - IP - IP_REASS - IPSEC - IPSEC_VTI - L2VPN - L4PORT - LB - LROUTER - LSERVICE - LSWITCH - MANAGEMENT - MD_PROXY - NAT - RTEP_TUNNEL - ND_NS_FAIL - NEIGH - NO_EIP_FOUND - NO_EIP_ASSOCIATION - NO_ENI_FOR_IP - NO_ENI_FOR_LIF - NO_ROUTE - NO_ROUTE_TABLE_FOUND - NO_UNDERLAY_ROUTE_FOUND - NOT_VDR_DOWNLINK - NO_VDR_FOUND - NO_VDR_ON_HOST - NOT_VDR_UPLINK - SERVICE_INSERT - SPOOFGUARD - TTL_ZERO - TUNNEL - VLAN - VXLAN - VXSTT - VMC_NO_RESPONSE - WRONG_UPLINK - FW_STATE - UNKNOWN readOnly: true title: |- The reason traceflow packet was dropped type: string type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TraceflowObservationDroppedLogical: allOf: - $ref: '#/definitions/TraceflowObservationDropped' - properties: component_id: description: |- The id of the component that dropped the traceflow packet. readOnly: true title: |- The id of the component that dropped the traceflow packet. type: string service_path_index: description: | The index of service path that is a chain of services represents the point where the traceflow packet was dropped. format: int64 readOnly: true title: |- The index of service path type: integer type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TraceflowObservationForwarded: allOf: - $ref: '#/definitions/TraceflowObservation' - properties: context: description: |- The 64bit tunnel context carried on the wire format: int64 title: |- The 64bit tunnel context carried on the wire type: integer dst_transport_node_id: description: |- This field will not be always available. Use remote_ip_address when this field is not set. readOnly: true title: |- The id of the transport node to which the traceflow packet is forwarded type: string dst_transport_node_name: description: |- The name of the transport node to which the traceflow packet is forwarded readOnly: true title: |- The name of the transport node to which the traceflow packet is forwarded type: string local_ip_address: description: |- IP address of the source end of the tunnel format: ip type: string remote_ip_address: description: |- IP address of the destination end of the tunnel format: ip type: string uplink_name: description: |- The name of the uplink the traceflow packet is forwarded on title: |- The name of the uplink the traceflow packet is forwarded on type: string vtep_label: description: |- The virtual tunnel endpoint label format: int64 title: |- The virtual tunnel endpoint label type: integer type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TraceflowObservationForwardedLogical: allOf: - $ref: '#/definitions/TraceflowObservation' - properties: acl_rule_id: description: | This field is specified when the traceflow packet matched a L3 firewall rule. format: int64 readOnly: true title: |- The id of the L3 firewall rule that was applied to forward the traceflow packet type: integer component_id: description: |- The id of the component that forwarded the traceflow packet. readOnly: true title: |- The id of the component that forwarded the traceflow packet. type: string dst_component_id: description: |- The id of the destination component to which the traceflow packet was forwarded. readOnly: true title: |- The id of the destination component to which the traceflow packet was forwarded. type: string dst_component_name: description: |- The name of the destination component to which the traceflow packet was forwarded. readOnly: true title: |- The name of the destination component to which the traceflow packet was forwarded. type: string dst_component_type: description: |- The type of the destination component to which the traceflow packet was forwarded. enum: - PHYSICAL - LR - LS - DFW - BRIDGE - EDGE_TUNNEL - EDGE_HOSTSWITCH - FW_BRIDGE - EDGE_RTEP_TUNNEL - LOAD_BALANCER - NAT - IPSEC - SERVICE_INSERTION - VMC - SPOOFGUARD - EDGE_FW - DLB - ANTREA_SPOOFGUARD - ANTREA_LB - ANTREA_ROUTING - ANTREA_DFW - ANTREA_FORWARDING - HOST_SWITCH - UNKNOWN readOnly: true type: string jumpto_rule_id: description: | This field is specified when the traceflow packet matched a jump-to rule. format: int64 readOnly: true title: |- The ID of the jump-to rule that was applied to the traceflow packet type: integer l2_rule_id: description: | This field is specified when the traceflow packet matched a l2 rule. format: int64 readOnly: true title: |- The ID of the l2 rule that was applied to the traceflow packet type: integer lport_id: description: |- The id of the logical port through which the traceflow packet was forwarded. readOnly: true title: |- The id of the logical port through which the traceflow packet was forwarded. type: string lport_name: description: |- The name of the logical port through which the traceflow packet was forwarded. readOnly: true title: |- The name of the logical port through which the traceflow packet was forwarded. type: string nat_rule_id: description: | This field is specified when the traceflow packet matched a NAT rule. format: int64 readOnly: true title: |- The ID of the NAT rule that was applied to forward the traceflow packet type: integer resend_type: description: |- ARP_UNKNOWN_FROM_CP - Unknown ARP query result emitted by control plane ND_NS_UNKNOWN_FROM_CP - Unknown neighbor solicitation query result emitted by control plane UNKNOWN - Unknown resend type enum: - UNKNOWN - ARP_UNKNOWN_FROM_CP - ND_NS_UNKNWON_FROM_CP readOnly: true title: |- The type of packet resending type: string service_index: description: |- The index of the service insertion component format: int64 readOnly: true title: |- The index of the service insertion component type: integer service_path_index: description: |- The path index of the service insertion component format: int64 readOnly: true title: |- The path index of the service insertion component type: integer service_ttl: description: |- The ttl of the service insertion component format: int64 readOnly: true title: |- The ttl of the service insertion component type: integer spoofguard_ip: description: |- This field specified the prefix IP address a traceflow packet matched in the whitelist in spoofguard. format: ip-cidr-block readOnly: true type: string spoofguard_mac: description: | The source MAC address of form: "^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$". For example: 00:00:00:00:00:00. format: mac-address readOnly: true type: string spoofguard_vlan_id: description: |- This field specified the VLAN id a traceflow packet matched in the whitelist in spoofguard. format: int64 readOnly: true type: integer svc_nh_mac: description: | MAC address of nexthop for service insertion(SI) in service VM(SVM) where the traceflow packet was received. readOnly: true title: |- MAC address of nexthop type: string translated_dst_ip: description: |- The translated destination IP address of VNP/NAT format: ip readOnly: true type: string translated_src_ip: description: |- The translated source IP address of VPN/NAT format: ip readOnly: true type: string vlan: description: | This field is specified when the traceflow packet was forwarded by a VLAN logical network. format: int64 readOnly: true type: integer vni: description: | This field is specified when the traceflow packet was forwarded by an overlay logical network. format: int32 readOnly: true title: |- VNI for the logical network on which the traceflow packet was forwarded. type: integer type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TraceflowObservationListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- TraceflowObservation list results items: $ref: '#/definitions/TraceflowObservation' title: |- TraceflowObservation list results type: array type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TraceflowObservationReceived: allOf: - $ref: '#/definitions/TraceflowObservation' - properties: local_ip_address: description: |- IP address of the destination end of the tunnel format: ip type: string remote_ip_address: description: |- IP address of the source end of the tunnel format: ip type: string uplink_name: description: |- The name of the uplink the traceflow packet is received on title: |- The name of the uplink the traceflow packet is received on type: string vtep_label: description: |- The virtual tunnel endpoint label format: int64 title: |- The virtual tunnel endpoint label type: integer type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TraceflowObservationReceivedLogical: allOf: - $ref: '#/definitions/TraceflowObservation' - properties: component_id: description: |- The id of the component that received the traceflow packet. readOnly: true title: |- The id of the component that received the traceflow packet. type: string lport_id: description: |- The id of the logical port at which the traceflow packet was received readOnly: true title: |- The id of the logical port at which the traceflow packet was received type: string lport_name: description: |- The name of the logical port at which the traceflow packet was received readOnly: true title: |- The name of the logical port at which the traceflow packet was received type: string src_component_id: description: |- The id of the source component from which the traceflow packet was received. readOnly: true title: |- The id of the source component from which the traceflow packet was received. type: string src_component_name: description: |- The name of source component from which the traceflow packet was received. readOnly: true title: |- The name of source component from which the traceflow packet was received. type: string src_component_type: description: |- The type of the source component from which the traceflow packet was received. enum: - PHYSICAL - LR - LS - DFW - BRIDGE - EDGE_TUNNEL - EDGE_HOSTSWITCH - FW_BRIDGE - EDGE_RTEP_TUNNEL - LOAD_BALANCER - NAT - IPSEC - SERVICE_INSERTION - VMC - SPOOFGUARD - EDGE_FW - DLB - ANTREA_SPOOFGUARD - ANTREA_LB - ANTREA_ROUTING - ANTREA_DFW - ANTREA_FORWARDING - HOST_SWITCH - UNKNOWN readOnly: true type: string svc_mac: description: | MAC address of SAN volume controller for service insertion(SI) in service VM(SVM) where the traceflow packet was received. readOnly: true title: |- MAC address of SAN volume controller type: string vlan: description: | This field is specified when the traceflow packet was received by a VLAN logical network. format: int64 readOnly: true type: integer vni: description: | This field is specified when the traceflow packet was received by an overlay logical network. format: int32 readOnly: true title: |- VNI for the logical network on which the traceflow packet was received. type: integer type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TraceflowObservationRelayedLogical: allOf: - $ref: '#/definitions/TraceflowObservation' - properties: dst_server_address: description: |- This field specified the IP address of the destination which the packet will be relayed. format: ip readOnly: true type: string logical_comp_uuid: description: |- This field specified the logical component that relay service located. readOnly: true title: |- The id of the component which relay service located type: string message_type: default: REQUEST description: |- This field specified the message type of the relay service REQUEST - The relay service will relay a request message to the destination server REPLY - The relay service will relay a reply message to the client enum: - REQUEST - REPLY readOnly: true title: |- The type of the relay service type: string relay_server_address: description: |- This field specified the IP address of the relay service. format: ip readOnly: true type: string type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TraceflowObservationReplicationLogical: allOf: - $ref: '#/definitions/TraceflowObservation' - properties: local_ip_address: description: |- Local IP address of the component that replicates the packet. format: ip readOnly: true type: string replication_type: description: |- This field specifies the type of replication message TX_VTEP - Transmit replication to all VTEPs TX_MTEP - Transmit replication to all MTEPs RX - Receive replication enum: - TX_VTEP - TX_MTEP - RX readOnly: true title: |- The replication type of the message type: string uplink_name: description: |- The name of uplink readOnly: true title: |- The name of uplink type: string vtep_label: description: |- The label of VTEP format: int64 readOnly: true title: |- The label of VTEP type: integer type: object x-vmw-nsx-module: Traceflow x-vmw-nsx-module: Traceflow TrafficRateLimits: description: |- Enables traffic limit for incoming/outgoing broadcast and multicast packets. Use 0 to disable rate limiting for a specific traffic type properties: rx_broadcast: default: 0 description: |- Incoming broadcast traffic limit in packets per second format: int32 minimum: 0 readOnly: false title: |- Broadcast receive limit type: integer rx_multicast: default: 0 description: |- Incoming multicast traffic limit in packets per second format: int32 minimum: 0 readOnly: false title: |- Multicast receive limit type: integer tx_broadcast: default: 0 description: |- Outgoing broadcast traffic limit in packets per second format: int32 minimum: 0 readOnly: false title: |- Broadcast transmit limit type: integer tx_multicast: default: 0 description: |- Outgoing multicast traffic limit in packets per second format: int32 minimum: 0 readOnly: false title: |- Multicast transmit limit type: integer title: |- Rate limiting configuration type: object x-vmw-nsx-module: PolicySegmentSecurity TransportInfo: properties: dst_port: description: |- Destination port format: int64 maximum: 65535 minimum: 0 title: |- Destination port type: integer protocol: description: |- Protocol type over IP layer enum: - TCP - UDP - ICMPv4 - ICMPv6 title: |- Protocol type over IP layer type: string src_port: description: |- Source port format: int64 maximum: 65535 minimum: 0 title: |- Source port type: integer type: object x-vmw-nsx-module: LiveTrace TransportNodeCollectionState: description: |- Realization state of attaching or detaching Transport node profile on compute collection. properties: aggregate_progress_percentage: description: |- Average of all transport node deployment progress in a cluster. Applicable only if transport node profile is applied on a cluster. format: int64 readOnly: true title: |- Aggregate percentage of compute collection deployment type: integer cluster_level_error: description: |- Errors while applying transport node profile which need cluster level action to resolve title: |- Errors which needs cluster level to resolution type: string state: description: | If the host preparation or transport node creation is going on for any host then state will be "IN_PROGRESS". If setting desired state of the transport node failed for any of the host then state will be "FAILED_TO_CREATE" If realization of transport node failed for any of the host then state will be "FAILED_TO_REALIZE" If Transport node is successfully created for all of the hosts in compute collection then state will be "SUCCESS" You can override the configuration for one or more hosts in the compute collection by update TN(transport node) request on individual TN. If TN is successfully created for all hosts in compute collection and one or more hosts have overridden configuration then transport node collection state will be "PROFILE_MISMATCH". enum: - FAILED_TO_CREATE - FAILED_TO_REALIZE - IN_PROGRESS - PROFILE_MISMATCH - SUCCESS readOnly: true title: |- Application state of transport node template on compute collection type: string validation_errors: description: |- Transport node profile(TNP) will not be applied to a discovered node(DN) if some validations are not passed. In this case transport node is not created or existing transport node is not updated with TNP configurations. items: $ref: '#/definitions/ValidationError' title: |- Errors while applying transport node profile on discovered node type: array vlcm_transition_error: description: |- When vLCM is enabled on a compute collection in vSphere the transition workflow is triggered. This field indicates error in this special case. readOnly: true title: |- Errors while enabling vLCM on the compute collection type: string title: |- Transport node template application state type: object x-vmw-nsx-module: TransportNodeCollection TransportNodeDeploymentProgressState: description: |- Deployment progress state of transport node. Object has current deployment step title and progress in percentage. properties: current_step_title: description: |- Deployment step title readOnly: true title: |- Deployment step title type: string progress: description: |- Percentage of deployment completed format: int64 readOnly: true title: |- Percentage of deployment completed type: integer title: |- Deployment progress of transport node type: object x-vmw-nsx-module: TransportNode TransportNodeSpanEnforcedStatus: allOf: - $ref: '#/definitions/EnforcedStatusPerScopeNsxT' - properties: enforced_status_per_transport_node: description: |- List of Detailed Realized Status per Transport Node. items: $ref: '#/definitions/EnforcedStatusPerTransportNode' readOnly: true title: |- List of Enforced Realized Status per Transport Node type: array type: object x-vmw-nsx-module: PolicyRealizationStatus description: | Detailed Realized Status of an Intent on a span of Transport Nodes. title: |- Enforced Realized Status across Transport Nodes x-vmw-nsx-module: PolicyRealizationStatus TransportNodeState: allOf: - $ref: '#/definitions/ConfigurationState' - properties: deployment_progress_state: $ref: '#/definitions/TransportNodeDeploymentProgressState' host_switch_states: description: |- States of HostSwitches on the host items: $ref: '#/definitions/HostSwitchState' readOnly: true title: |- States of HostSwitches on the host type: array maintenance_mode_state: description: |- the present realized maintenance mode state enum: - ENTERING - ENABLED - EXITING - DISABLED readOnly: true type: string node_deployment_state: $ref: '#/definitions/ConfigurationState' remote_tunnel_endpoint_state: $ref: '#/definitions/RemoteTunnelEndpointConfigState' transport_node_id: description: |- Unique Id of the TransportNode readOnly: true title: |- Unique Id of the TransportNode type: string type: object x-vmw-nsx-module: TransportNode description: |- Transport Node State title: |- Transport Node State x-vmw-nsx-module: TransportNode TransportNodeStateListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Transport Node State Results items: $ref: '#/definitions/TransportNodeState' readOnly: true title: |- Transport Node State Results type: array type: object x-vmw-nsx-module: TransportNode description: |- Transport node state queries result title: |- Transport node state queries result x-vmw-nsx-module: TransportNode TransportNodeStatus: properties: agent_status: $ref: '#/definitions/AgentStatusCount' control_connection_status: $ref: '#/definitions/StatusCount' mgmt_connection_status: description: |- Management connection status enum: - UP - DOWN title: |- Management connection status type: string node_display_name: description: |- Transport node display name title: |- Display name type: string node_path: description: |- Transport node path title: |- Transport node path type: string node_status: $ref: '#/definitions/NodeStatus' node_uuid: description: |- Transport node uuid title: |- Transport node uuid type: string pnic_status: $ref: '#/definitions/StatusCount' status: description: |- Roll-up status of pNIC, management connection, control connection, tunnel status, agent status enum: - UP - DOWN - DEGRADED - UNKNOWN title: |- Roll-up status of connections type: string threat_status: $ref: '#/definitions/ThreatStatus' tunnel_status: $ref: '#/definitions/TunnelStatusCount' type: object x-vmw-nsx-module: Heatmap TransportNodeStatusListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List of transport node statuses items: $ref: '#/definitions/TransportNodeStatus' title: |- List of transport node statuses type: array type: object x-vmw-nsx-module: Heatmap x-vmw-nsx-module: Heatmap TransportProtocolHeader: properties: dhcp_header: $ref: '#/definitions/DhcpHeader' dhcpv6_header: $ref: '#/definitions/Dhcpv6Header' dns_header: $ref: '#/definitions/DnsHeader' icmp_echo_request_header: $ref: '#/definitions/IcmpEchoRequestHeader' ndp_header: $ref: '#/definitions/NdpHeader' tcp_header: $ref: '#/definitions/TcpHeader' udp_header: $ref: '#/definitions/UdpHeader' type: object x-vmw-nsx-module: Traceflow TransportZoneEndPoint: description: |- Specify which HostSwitch from this TransportNode is used handle traffic for given TransportZone properties: transport_zone_id: description: |- For MP APIs provide UUID of transport zone. For Policy APIs provide policyPath of transport zone. title: |- Unique ID identifying the transport zone for this endpoint type: string transport_zone_profile_ids: description: |- For MP APIs provide UUID of transport zone profiles. For Policy APIs provide policyPath of transport zone profiles. items: $ref: '#/definitions/TransportZoneProfileTypeIdEntry' title: |- Identifiers of the transport zone profiles associated with this transport zone endpoint on this transport node. type: array required: - transport_zone_id title: |- This object associates TransportNode to a certain TransportZone type: object x-vmw-nsx-module: TransportNode TransportZoneProfileTypeIdEntry: properties: profile_id: description: |- profile id of the resource type readOnly: false type: string resource_type: description: |- Selects the type of the transport zone profile enum: - BfdHealthMonitoringProfile type: string required: - profile_id type: object x-vmw-nsx-module: TransportZoneProfile TunnelInterfaceIPSubnet: properties: ip_addresses: description: |- IPv4 Addresses items: description: |- IPv4 address format: ipv4 type: string maxItems: 1 minItems: 1 title: |- IPv4 Addresses type: array prefix_length: description: |- Subnet Prefix Length format: int64 maximum: 31 minimum: 1 title: |- Subnet Prefix Length type: integer required: - ip_addresses - prefix_length type: object x-vmw-nsx-module: PolicyVpnIPSecVpn TunnelList: allOf: - $ref: '#/definitions/ListResult' - properties: tunnels: description: |- List of transport node tunnels items: $ref: '#/definitions/TunnelProperties' readOnly: true title: |- List of transport node tunnels type: array type: object x-vmw-nsx-module: Tunnel x-vmw-nsx-module: Tunnel TunnelProperties: allOf: - $ref: '#/definitions/Resource' - properties: bfd: $ref: '#/definitions/BFDProperties' egress_interface: description: |- Corresponds to the interface where local_ip_address is routed. readOnly: true title: |- Name of local transport interface carrying tunnel traffic type: string encap: description: |- Tunnel encap enum: - STT - VXLAN - GENEVE - NONE - UNKNOWN_ENCAP readOnly: true title: |- Tunnel encap type: string last_updated_time: description: |- Time at which the Tunnel status has been fetched last time. format: int64 readOnly: true type: integer latency_type: description: |- Latency type. enum: - UNKNOWN_LATENCY - VALID - NOT_READY - TIMEOUT readOnly: true title: |- Latency type type: string latency_value: description: |- The latency value is set only when latency_type is VALID. format: int64 readOnly: true title: |- Latency value type: integer local_ip: description: |- Local IP address of tunnel format: ip readOnly: true title: |- Local IP address of tunnel type: string name: description: |- Name of tunnel readOnly: true title: |- Name of tunnel type: string remote_ip: description: |- Remote IP address of tunnel format: ip readOnly: true title: |- Remote IP address of tunnel type: string remote_node_display_name: description: |- Represents the display name of the remote transport node at the other end of the tunnel. readOnly: true title: |- Display name of the remote transport node type: string remote_node_id: description: |- UUID of the remote transport node readOnly: true title: |- UUID of the remote transport node type: string status: description: |- Status of tunnel enum: - UP - DOWN - UNKNOWN readOnly: true title: |- Status of tunnel type: string type: object x-vmw-nsx-module: Tunnel x-vmw-nsx-module: Tunnel TunnelStatusCount: allOf: - $ref: '#/definitions/StatusCount' - properties: bfd_diagnostic: $ref: '#/definitions/BFDDiagnosticCount' bfd_status: $ref: '#/definitions/BFDStatusCount' type: object x-vmw-nsx-module: Heatmap x-vmw-nsx-module: Heatmap TunnelSubnet: properties: ip_addresses: description: |- Subnet ip addresses items: description: |- IPv4 address format: ipv4 type: string maxItems: 1 minItems: 1 title: |- Subnet ip addresses type: array uniqueItems: true prefix_length: description: |- Subnet Prefix Length format: int64 maximum: 31 minimum: 1 title: |- Subnet Prefix Length type: integer required: - ip_addresses - prefix_length type: object x-vmw-nsx-module: PolicyL3Vpn UdpHeader: properties: dst_port: default: 0 description: |- Destination port of udp header format: int64 maximum: 65535 minimum: 0 title: |- Destination port of udp header type: integer src_port: default: 0 description: |- Source port of udp header format: int64 maximum: 65535 minimum: 0 title: |- Source port of udp header type: integer type: object x-vmw-nsx-module: Traceflow UnaryOperation: description: |- Unary Operation. properties: operand: $ref: '#/definitions/ResourceFieldPointer' operator: description: |- Logical Operator describing the operation to apply to the operand. enum: - APPEND - SUBTRACT title: |- Operator type: string required: - operator - operand title: |- Unary Operation type: object x-vmw-nsx-module: PolicyReaction UnaryOperationBasedInjectionValue: allOf: - $ref: '#/definitions/InjectionValue' - properties: initial_value: $ref: '#/definitions/ResourceFieldPointer' operation: $ref: '#/definitions/UnaryOperation' required: - initial_value type: object x-vmw-nsx-module: PolicyReaction description: |- Operation based Injection Value. title: |- Operation based Injection Value x-vmw-nsx-module: PolicyReaction UnboundedKeyValuePair: description: |- A key-value pair with no limitations on size properties: key: description: |- Key readOnly: false title: |- Key type: string value: description: |- Value readOnly: false title: |- Value type: string required: - value - key title: |- A key-value pair with no limitations on size type: object x-vmw-nsx-module: Common UnidirectionalServicePath: description: |- Representing either forward or reverse service path for ingress or egress traffic respectively. properties: hops: description: |- List of service path hops that constitutes the forward or reverse service path. items: $ref: '#/definitions/ServicePathHop' readOnly: true title: |- Forward or reverse service path hops type: array host_cross_count: description: |- The number of times the traffic needs to cross hosts for the given forward or reverse service path. format: int64 readOnly: true title: |- Host crossing count type: integer in_maintenance_mode: description: |- Is forward or revserse service path in maintenance mode or not. readOnly: true title: |- Is in maintenance mode type: boolean is_active: description: |- Is forward or revserse service path active or not. readOnly: true title: |- Is active type: boolean unidir_service_path_id: description: |- Unique identifier of one directional service path. format: int64 readOnly: true title: |- Unidirectional service path id type: integer title: |- Forward or reverse service path type: object x-vmw-nsx-module: ServiceInsertionCommonTypes UpgradeCoordinatorDeploymentConfig: allOf: - $ref: '#/definitions/CloudNativeDeploymentConfig' - type: object x-vmw-nsx-module: PolicyCloudNativeUpgradeCoordinator description: |- Configuration for upgrade-coordinator deployment. title: |- Configuration for upgrade-coordinator deployment x-vmw-nsx-module: PolicyCloudNativeUpgradeCoordinator UpgradeTopology: description: |- Recommended topology for migrating NVDS to VDS properties: topology: description: |- All resultant VDS mapping for a NVDS after the migration items: $ref: '#/definitions/NvdsUpgradeTopology' title: |- All resultant VDS mapping for a NVDS after the migration type: array required: - topology title: |- Recommended topology for migrating NVDS to VDS type: object x-vmw-nsx-module: NvdsUpgradeReadinessCheck Uplink: description: |- Object to identify an uplink based on its type and name properties: uplink_name: description: |- Name of this uplink title: |- Name of this uplink type: string uplink_type: description: |- Type of the uplink enum: - PNIC - LAG title: |- Type of the uplink type: string required: - uplink_name - uplink_type title: |- Object to identify an uplink based on its type and name type: object x-vmw-nsx-module: UplinkHostSwitchProfile UploadBundleId: description: |- Bundle Id for uploaded file. properties: bundle_id: description: |- Bundle id of uploaded file. title: |- Bundle id type: string title: |- Bundle Id type: object x-vmw-nsx-module: PolicyCloudNative UploadBundleRemoteServer: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: port: description: |- Port to connect with. title: |- Port to connect with type: string protocol: description: |- Protocol used HTTP or HTTPS. enum: - HTTP - HTTPS title: |- Protocol type: string server: description: |- Server IP or FQDN. format: hostname-or-ip title: |- Server IP or FQDN type: string uri: description: |- Relative path to download file. title: |- Relative path to download file type: string required: - protocol - uri - server type: object x-vmw-nsx-module: PolicyCloudNative description: |- Upload bundle from remote server. title: |- Upload bundle from remote server x-vmw-nsx-module: PolicyCloudNative UploadBundleStatus: allOf: - $ref: '#/definitions/UploadBundleRemoteServer' - properties: description: description: |- More detail about bundle upload. title: |- More detail about bundle upload type: string percent: description: |- Upload percentage for bundle. title: |- Upload percentage for bundle type: number status: description: | Current state of bundle upload. UPLOADING - Upload in progress. DOWNLOADING - Download in progress. EXTRACTING - Extract in progress. VERIFYING - Verifying signature of uploaded bundle. SUCCESS - Upload complete. FAILED - Upload failed. enum: - UPLOADING - VERIFYING - DOWNLOADING - EXTRACTING - SUCCESS - FAILED title: |- Current state of bundle upload type: string type: object x-vmw-nsx-module: PolicyCloudNative description: |- Status of uploaded bundle. title: |- Status of uploaded bundle x-vmw-nsx-module: PolicyCloudNative UrlAlias: description: |- Short name or alias of a url. It is used to represent the url. properties: alias: description: |- Short name or alias of url, if any. If not specified, the url can be referenced by its index in the array of urls of the datasource instance as $ (for example, $0). maxLength: 255 title: |- Url Alias Name type: string keystore_info: $ref: '#/definitions/KeyStoreInfo' query: description: |- Search query to be applied, if any. If query string is not provided, it will be ignored. maxLength: 1024 title: |- Search query of the search api, if any type: string request_body: description: |- A raw request body in the form json format for a given url. This request body will be submitted along with request while giving a post api call. type: object request_headers: description: |- A raw request header in the form json format for a given url. This request header will be submitted along with request while giving a api call. type: object request_method: default: Get description: |- Type of the http method (Get, Post) to be used while invoking the given url through dashboard datasource framework. enum: - Get - Post title: |- Type of http method type: string url: description: |- Url to fetch data from. maxLength: 1024 title: |- Url type: string required: - url title: |- Url Alias type: object x-vmw-nsx-module: NsxDashboard UserInfo: description: |- Authenticated User Info properties: roles: description: |- Permissions items: $ref: '#/definitions/NsxRole' readOnly: true title: |- Permissions type: array user_name: description: |- User Name readOnly: true title: |- User Name type: string title: |- Authenticated User Info type: object x-vmw-nsx-module: AAA UserSession: description: |- User login session information properties: domain_name: description: |- AD Domain of user. title: |- AD Domain type: string login_time: description: |- Login time. format: int64 type: integer logout_time: description: | Logout time if applicable. An active user session has no logout time. format: int64 type: integer user_name: description: |- AD user name. title: |- AD user name type: string user_session_id: description: |- User session ID. This also indicates whether this is VDI / RDSH. format: int32 title: |- User session ID type: integer required: - login_time - user_name - domain_name - user_session_id type: object x-vmw-nsx-module: PolicyRealizedState VMTagReplicationPolicy: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: groups: description: | Paths of groups (VM tag-based, VM name-based, etc.) that translates into VMs to be replicated from protected site to recovery sites. If no group is specified, none of the VM tag will be replicated from protected site to recovery sites. items: type: string title: |- Paths of groups type: array protected_site: description: | A path of protected site, from where tags of selected VMs will be replicated to recovery sites. title: |- A path of protected site type: string recovery_sites: description: | Paths of recovery sites, where tags of selected VMs will be replicated to, from protected site. items: type: string maxItems: 1 minItems: 1 title: |- Paths of recovery sites type: array vm_match_criteria: default: MATCH_NSX_ATTACHMENT_ID description: | Matching criteria used for associating VMs from protected site to VMs on recovery sites. - MATCH_NSX_ATTACHMENT_ID : Associate VMs from the protected site and recovery sites based on NSX attachment ID. - MATCH_BIOS_UUID_NAME : Associate VMs from the protected site and recovery sites based on (VM BIOS UUID + VM Name). enum: - MATCH_NSX_ATTACHMENT_ID - MATCH_BIOS_UUID_NAME title: |- Matching criteria used for associating VMs type: string required: - protected_site - recovery_sites type: object x-vmw-nsx-module: VMTagReplicationPolicy description: | A policy to replicate tags from once site to other sites. title: |- A policy to replicate tags from once site to other x-vmw-nsx-module: VMTagReplicationPolicy VMTagReplicationPolicyListResult: allOf: - $ref: '#/definitions/ListResult' - properties: result_count: description: |- Count of the VM tag replication policies in the results array format: int64 readOnly: true title: |- Count of the VM tag replication policies in the results array type: integer results: description: |- Collection of VM tag replication policies items: $ref: '#/definitions/VMTagReplicationPolicy' readOnly: true title: |- Collection of VM tag replication policies type: array type: object x-vmw-nsx-module: VMTagReplicationPolicy x-vmw-nsx-module: VMTagReplicationPolicy ValidationError: description: |- Error while applying transport node profile on discovered node properties: discovered_node_id: description: |- Discovered Node Id readOnly: true title: |- Discovered Node Id type: string error_message: description: |- Validation error message readOnly: true title: |- Validation error message type: string title: |- Validation Error type: object x-vmw-nsx-module: TransportNodeCollection ValueConstraintExpression: allOf: - $ref: '#/definitions/ConstraintExpression' - properties: operator: description: |- Operation to check for value list for resource attribute of constraint. enum: - INCLUDES - EXCLUDES - EQUALS title: |- Operation to check for value list for resource attribute of constraint. type: string values: description: |- List of values. items: type: string title: |- Array of values to perform operation. type: array x-deprecated: true values_with_type: $ref: '#/definitions/ConstraintValue' required: - operator type: object x-vmw-nsx-module: PolicyConstraints description: | Represents the leaf level value constraint to constrain specified attribute value to the set of values to be allowed/not-allowed. Example - sourceGroups allowed to have only with list of groups. { "operator":"INCLUDES", "values":["/infra/services/HTTP", "/infra/services/HTTPS"] } title: |- Represents the leaf level value constraint. x-vmw-nsx-module: PolicyConstraints VdsTopology: allOf: - $ref: '#/definitions/ManagedResource' - properties: cluster_id: description: |- Identifier of cluster where VDS will be created title: |- Identifier of cluster where VDS will be created type: string data_center_id: description: |- Identifier of datacenter where VDS will be created title: |- Identifier of datacenter where VDS will be created type: string status_details: description: |- Details of the VDS configuration status items: type: string readOnly: true title: |- Details of the VDS configuration status type: array transport_node_id: description: |- Transport node identifiers on which NVDS(s) being upgraded to VDS items: type: string title: |- Transport node identifiers on which NVDS(s) being upgraded to VDS type: array vds_config: $ref: '#/definitions/DVSConfig' vds_name: description: |- VDS name that will be created under above datacenter title: |- VDS name that will be created under above datacenter type: string vds_status: description: |- Status of the VDS configuration enum: - PENDING_TOPOLOGY - APPLYING_TOPOLOGY - APPLY_TOPOLOGY_FAILED - READY - REMOVING_TOPOLOGY readOnly: true title: |- Status of the VDS configuration type: string vmknic: description: |- Virtual network interfaces that will be moved from VLAN Logical switch to Distributed Virtual PortGroup items: type: string title: |- Virtual network interfaces that will be moved from VLAN Logical switch to Distributed Virtual PortGroup type: array required: - data_center_id - vds_name - transport_node_id type: object x-vmw-nsx-module: NvdsUpgradeReadinessCheck description: |- VDS details where NVDS will be migrated to title: |- VDS details where NVDS will be migrated to x-vmw-nsx-module: NvdsUpgradeReadinessCheck VdsUplink: description: |- If Virtual Distributed Switch is used as a HostSwitch to configure TransportNode or TransportNodeProfie, this mapping should be specified. You can either use vds_uplink_name or vds_lag_name to associate with uplink_name from UplinkHostSwitch profile. properties: uplink_name: description: |- This name is from UplinkHostSwitch profile that is associated with the HostSwitch specified in TransportNode or TransportNodeProfile configuration. This name will be used as an alias to either VDS uplink or lag in other configuration. readOnly: false title: |- Uplink name from UplinkHostSwitch profile type: string vds_lag_name: description: |- LAG name that is connected to Physical NIC on a host from vSphere. readOnly: false title: |- Link Aggregation Group (LAG) name of Virtual Distributed Switch type: string vds_uplink_name: description: |- Uplink name of VDS that is connected to Physical NIC on a host from vSphere. readOnly: false title: |- Uplink name of VMware vSphere Distributed Switch (VDS) type: string required: - uplink_name title: |- VMware vSphere Distributed Switch (VDS) uplink/LAG mapping type: object x-vmw-nsx-module: TransportNode VersionList: allOf: - $ref: '#/definitions/ManagedResource' - properties: acceptable_versions: description: |- List of component versions items: type: string title: |- List of component versions type: array required: - acceptable_versions type: object x-vmw-nsx-module: VersionWhitelist x-vmw-nsx-module: VersionWhitelist VidmInfo: description: |- Vidm Info properties: display_name: description: |- User's Full Name Or User Group's Display Name readOnly: true title: |- User's Full Name Or User Group's Display Name type: string name: description: |- Username Or Groupname readOnly: true title: |- Username Or Groupname type: string type: description: |- Type enum: - remote_user - remote_group readOnly: true title: |- Type type: string title: |- Vidm Info type: object x-vmw-nsx-module: AAA VidmInfoListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- List results items: $ref: '#/definitions/VidmInfo' title: |- List results type: array required: - results type: object x-vmw-nsx-module: AAA x-vmw-nsx-module: AAA View: allOf: - $ref: '#/definitions/ManagedResource' - properties: display_name: description: |- Title of the widget. maxLength: 255 title: |- Widget Title type: string exclude_roles: description: |- Comma separated list of roles to which the shared view is not visible. Allows user to prevent the visibility of a shared view to the specified roles. User defined roles can also be specified in the list. The roles can be obtained via GET /api/v1/aaa/roles. Please visit API documentation for details about roles. If include_roles is specified then exclude_roles cannot be specified. maxLength: 1024 title: |- Roles to which the shared view is not visible type: string include_roles: description: |- Comma separated list of roles to which the shared view is visible. Allows user to specify the visibility of a shared view to the specified roles. User defined roles can also be specified in the list. The roles can be obtained via GET /api/v1/aaa/roles. Please visit API documentation for details about roles. maxLength: 1024 title: |- Roles to which the shared view is visible type: string shared: default: false description: |- Defaults to false. Set to true to publish the view to other users. The widgets of a shared view are visible to other users. title: |- Share the view with other users type: boolean weight: default: 10000 description: |- Determines placement of view relative to other views. The lower the weight, the higher it is in the placement order. format: int32 title: |- Weightage or placement of the view type: integer widgets: description: |- Array of widgets that are part of the view. items: $ref: '#/definitions/WidgetItem' minItems: 0 title: |- Widgets type: array required: - widgets - display_name type: object x-vmw-nsx-module: NsxDashboard description: |- Describes the configuration of a view to be displayed on the dashboard. title: |- Dashboard View x-vmw-nsx-module: NsxDashboard ViewList: description: |- Represents a list of views. properties: views: description: |- Array of views items: $ref: '#/definitions/View' readOnly: true title: |- Array of views type: array title: |- List of Views type: object x-vmw-nsx-module: NsxDashboard VirtualEndpoint: allOf: - $ref: '#/definitions/BaseEndpoint' - properties: service_names: description: |- One VirtualEndpoint will be created per service name. items: type: string maxItems: 1 minItems: 1 readOnly: false title: |- Services for which this endpoint to be created type: array required: - service_names type: object x-vmw-nsx-module: PolicyServiceInsertion description: | A VirtualEndpoint represents an IP (or nexthop) which is outside SDDC. It represents a redirection target for RedirectionPolicy. title: |- This endpoint is strictly of the type Virtual x-vmw-nsx-module: PolicyServiceInsertion VirtualEndpointListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- All virtual endpoints under a Tier0 items: $ref: '#/definitions/VirtualEndpoint' title: |- All virtual endpoints under a Tier0 type: array required: - results type: object x-vmw-nsx-module: PolicyServiceInsertion description: |- Collection of vitual endpoints under a Tier0 title: |- Collection of vitual endpoints under a Tier0 x-vmw-nsx-module: PolicyServiceInsertion VirtualMachine: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: compute_ids: description: |- List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx'] items: type: string title: |- List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx'] type: array external_id: description: |- Current external id of this virtual machine in the system. title: |- Current external id of this virtual machine in the system. type: string guest_info: $ref: '#/definitions/GuestInfo' host_id: description: |- Id of the host in which this virtual machine exists. title: |- Id of the host in which this virtual machine exists. type: string local_id_on_host: description: |- Id of the vm unique within the host. title: |- Id of the vm unique within the host. type: string power_state: description: |- Current power state of this virtual machine in the system. enum: - VM_RUNNING - VM_STOPPED - VM_SUSPENDED - UNKNOWN title: |- Current power state of this virtual machine in the system. type: string source: $ref: '#/definitions/ResourceReference' type: description: |- Virtual Machine type; Edge, Service VM or other. enum: - EDGE - SERVICE - REGULAR - MP - INTELLIGENCE - VC_SYSTEM - UNKNOWN readOnly: true title: |- Virtual Machine type; Edge, Service VM or other. type: string required: - local_id_on_host - external_id - power_state - compute_ids type: object x-vmw-nsx-module: Inventory x-vmw-nsx-module: Inventory VirtualMachineDetails: allOf: - $ref: '#/definitions/Resource' - properties: active_sessions: description: |- List of active (still logged in) user login/session data (no limit). items: $ref: '#/definitions/UserSession' title: |- List of active (still logged in) user login/sessions data (no limit) type: array archived_sessions: description: |- Optional list of up to 5 most recent archived (previously logged in) user login/session data. items: $ref: '#/definitions/UserSession' title: |- Optional list of archived (previously logged in) user login/session data (maximum 5) type: array type: object x-vmw-nsx-module: PolicyRealizedState description: |- Virtual Machine Details title: |- Virtual Machine Details x-vmw-nsx-module: PolicyRealizedState VirtualMachineListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- VirtualMachine list results items: $ref: '#/definitions/VirtualMachine' title: |- VirtualMachine list results type: array required: - results type: object x-vmw-nsx-module: Inventory x-vmw-nsx-module: Inventory VirtualMachineTagsUpdate: description: | List of tags applied to the virtual machine. Based on the enforcement point, the virtual_machine_id will be different. It could be an external id for NSX T or a moid for NSX V properties: tags: description: | List of tags to be applied on the virtual machine items: $ref: '#/definitions/Tag' title: |- List of tags to be applied to the virtual machine type: array virtual_machine_id: description: | The identifier that is used in the enforcement point that uniquely identifies the virtual machine. In case of NSXT it would be the value of the external_id of the virtual machine. title: | This is the value of the identifier on the enforcement point that uniquely identifies the virtual machine type: string required: - virtual_machine_id - tags title: |- Payload to update the tags on a Virtual Machine type: object x-vmw-nsx-module: PolicyRealizedState VirtualNetworkInterface: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: device_key: description: |- Device key of the virtual network interface. title: |- Device key of the virtual network interface. type: string device_name: description: |- Device name of the virtual network interface. title: |- Device name of the virtual network interface. type: string external_id: description: |- External Id of the virtual network inferface. title: |- External Id of the virtual network inferface. type: string host_id: description: |- Id of the host on which the vm exists. title: |- Id of the host on which the vm exists. type: string ip_address_info: description: |- IP Addresses of the the virtual network interface, from various sources. items: $ref: '#/definitions/IpAddressInfo' title: |- IP Addresses of the the virtual network interface, from various sources. type: array lport_attachment_id: description: |- LPort Attachment Id of the virtual network interface. title: |- LPort Attachment Id of the virtual network interface. type: string mac_address: description: |- MAC address of the virtual network interface. title: |- MAC address of the virtual network interface. type: string owner_vm_id: description: |- Id of the vm to which this virtual network interface belongs. title: |- Id of the vm to which this virtual network interface belongs. type: string owner_vm_type: description: |- Owner virtual machine type; Edge, Service VM or other. enum: - EDGE - SERVICE - REGULAR readOnly: true title: |- Owner virtual machine type; Edge, Service VM or other. type: string vm_local_id_on_host: description: |- Id of the vm unique within the host. title: |- Id of the vm unique within the host. type: string required: - device_key - owner_vm_id - vm_local_id_on_host - mac_address - host_id - external_id type: object x-vmw-nsx-module: Inventory x-vmw-nsx-module: Inventory VirtualNetworkInterfaceListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- VirtualNetworkInterface list results items: $ref: '#/definitions/VirtualNetworkInterface' title: |- VirtualNetworkInterface list results type: array required: - results type: object x-vmw-nsx-module: Inventory x-vmw-nsx-module: Inventory VirtualPortgroup: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: cm_local_id: description: |- Id of the portgroup, eg. a mo-ref from VC. readOnly: true title: |- Id of the portgroup in compute manager type: string external_id: description: |- External id of the virtual portgroup readOnly: true title: |- External id of the virtual portgroup type: string origin_type: description: |- Portgroup type like DistributedVirtualPortgroup readOnly: true title: |- Portgroup type like DistributedVirtualPortgroup type: string type: object x-vmw-nsx-module: InventoryCmObj description: |- Virtual portgroup on a virtual switch title: |- Virtual portgroup on a virtual switch x-vmw-nsx-module: InventoryCmObj VirtualSwitch: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: cm_local_id: description: |- ID of the virtual switch in compute manager readOnly: true title: |- ID of the virtual switch in compute manager type: string external_id: description: |- External id of the virtual switch readOnly: true title: |- External id of the virtual switch type: string origin_id: description: | ID of the compute manager where this virtual switch is discovered. readOnly: true title: |- ID of the compute manager type: string origin_type: description: |- Switch type like VmwareDistributedVirtualSwitch readOnly: true title: |- Switch type like VmwareDistributedVirtualSwitch type: string type: object x-vmw-nsx-module: InventoryCmObj description: |- Virtual switch on a compute manager title: |- Virtual switch on a compute manager x-vmw-nsx-module: InventoryCmObj VlanVniRangePair: description: |- Vlan-Vni mapping pair resource in EvpnTenantConfig for ROUTE-SERVER Evpn mode properties: vlans: description: |- List of VLAN ids and VLAN ranges (specified with '-'). title: |- List of VLAN ids type: string vnis: description: |- List of VNI ids and VNI ranges (specified with '-'). The vni id is used for VXLAN transmission for a given tenant Vlan ID in ROUTE-SERVER Evpn. title: |- List of VNI ids type: string required: - vnis - vlans title: |- Vlan Vni pair resource type: object x-vmw-nsx-module: PolicyConnectivity VmToolsInfo: allOf: - $ref: '#/definitions/DiscoveredResource' - properties: external_id: description: |- Current external id of this virtual machine in the system. readOnly: true title: |- VM external ID type: string file_agent_version: description: |- Version of file agent on the VM of a third party partner solution. readOnly: true title: |- File agent version on the VM type: string host_local_id: description: |- Id of the VM which is assigned locally by the host. It is the VM-moref on ESXi hosts, in other environments it is VM UUID. readOnly: true title: |- VM ID given by the host type: string network_agent_version: description: |- Version of network agent on the VM of a third party partner solution. readOnly: true title: |- Network agent version on the VM type: string source: $ref: '#/definitions/ResourceReference' svmStatus: description: |- Connectivity Status between each Guest Introspection Solution deployed in the data center with the guest VM. items: $ref: '#/definitions/SvmConnectivityStatus' title: |- SvmConnectivityStatus list. type: array svm_connectivity: description: |- Endpoint Protection (Third party AV partner using NXGI) status on the VM. TRUE - VM is configured and protected by EPP Service VM. FALSE - VM is either not configured for protection or VM is disconnected from EPP Service VM. readOnly: true title: |- Endpoint Protection status on the VM type: boolean tools_version: description: |- Version of VMTools installed on the VM. readOnly: true title: |- VM tools version on the VM type: string vm_type: description: |- Type of VM - Edge, Service or other. enum: - EDGE - SERVICE - REGULAR readOnly: true title: |- Virtual Machine type type: string type: object x-vmw-nsx-module: VmToolsInfo x-vmw-nsx-module: VmToolsInfo VmknicNetwork: description: |- Mapping of all vmk interfaces to destination networks properties: destination_network: description: |- When migrating vmks to N-VDS/logical switches, the id is the logical switch id. When migrating out of N-VDS/logical switches, the id is the vSphere Switch portgroup name in a single vSphere Standard Switch (VSS), or distributed virtual portgroup name in a single distributed virtual switch (DVS). readOnly: false title: |- The network id to which the ESX vmk interface will be migrated. type: string device_name: description: |- The vmk interface name, e.g., vmk0, vmk1; the id assigned by vCenter. readOnly: false title: |- ESX vmk interface name type: string required: - destination_network - device_name title: |- Vmknic network specification type: object x-vmw-nsx-module: TransportNode VniPoolConfig: allOf: - $ref: '#/definitions/PolicyConfigResource' - properties: end: description: |- End value of VNI Pool range format: int32 maximum: 16777215 minimum: 75001 title: |- End value of VNI Pool range type: integer start: description: |- Start value of VNI Pool range format: int32 maximum: 16777215 minimum: 75001 title: |- Start value of VNI Pool range type: integer required: - start - end type: object x-vmw-nsx-module: PolicyConnectivity description: |- Vni Pool Configuration. title: |- Vni Pool Config x-vmw-nsx-module: PolicyConnectivity VniPoolConfigListResult: allOf: - $ref: '#/definitions/ListResult' - properties: results: description: |- Vni Pool Config list results items: $ref: '#/definitions/VniPoolConfig' title: |- Vni Pool Config list results type: array required: - results type: object x-vmw-nsx-module: PolicyConnectivity description: |- Collection of Vni Pool Configuration. title: |- Paged Collection of Vni Pool Configuration x-vmw-nsx-module: PolicyConnectivity VrfEvpnL2VniConfig: properties: enable_vtep_groups: default: false description: | This is used to enable or disable the creation of vtep groups. Each vtep group is used to group vteps with the same MAC for L2 ECMP usage. title: |- Flag to enable or disable the creation of vtep groups type: boolean l2_vni_configs: description: | Define L2 VNI and its related route distinguiser and route targets. items: $ref: '#/definitions/VrfL2VniConfig' maxItems: 1 minItems: 1 title: |- L2 VNI configurations associated with the VRF type: array required: - l2_vni_configs type: object x-vmw-nsx-module: PolicyConnectivity VrfL2VniConfig: properties: l2_vni: description: | L2 VNI associated with the VRF. It must be unique and available from the VNI pool defined for EVPN service. format: int32 title: |- L2 VNI associated with the VRF type: integer route_distinguisher: description: | This is a 64 bit number which disambiguates overlapping logical networks, with format in IPAddress: or ASN:. title: |- The unique route distinguisher for the virtual routing and forwarding instance type: string route_targets: description: |- Route targets. items: $ref: '#/definitions/VrfRouteTargets' maxItems: 1 minItems: 1 title: |- Route targets type: array required: - l2_vni - route_targets - route_distinguisher type: object x-vmw-nsx-module: PolicyConnectivity VrfRouteTargets: description: |- Vrf Route Targets for import/export. properties: address_family: default: L2VPN_EVPN description: |- Address family. enum: - L2VPN_EVPN title: |- Address family type: string export_route_targets: description: |- Export route targets with format in ASN:. items: type: string title: |- Export route targets type: array import_route_targets: description: |- Import route targets with format in ASN:. items: type: string title: |- Import route targets type: array title: |- Vrf Route Targets type: object x-vmw-nsx-module: PolicyConnectivity VrniGlobalCollector: allOf: - $ref: '#/definitions/GlobalCollectorConfig' - properties: report_interval: default: 30 description: |- Report interval for operation data in seconds. format: int32 maximum: 1800 minimum: 1 title: |- Report interval for operation data in seconds type: integer required: - report_interval type: object x-vmw-nsx-module: Policy description: |- NSX global configs for VRNI global collector title: |- NSX global configs for VRNI global collector x-vmw-nsx-module: Policy WaveFrontGlobalCollector: allOf: - $ref: '#/definitions/GlobalCollectorConfig' - properties: tracing_port: default: 30001 description: |- Port for the Wavefront tracing. format: int32 maximum: 65535 minimum: 0 title: |- Port for the Wavefront tracing type: integer type: object x-vmw-nsx-module: Policy description: |- NSX global configs for WAVE_FRONT global collector title: |- NSX global configs for WAVE_FRONT global collector x-vmw-nsx-module: Policy WeeklyBackupSchedule: allOf: - $ref: '#/definitions/BackupSchedule' - properties: days_of_week: description: |- Days of week when backup is taken. 0 - Sunday, 1 - Monday, 2 - Tuesday, 3 - Wednesday ... items: format: int64 type: integer maxItems: 7 minItems: 1 title: |- Days of week when backup is taken. 0 - Sunday, 1 - Monday, 2 - Tuesday, 3 - Wednesday ... type: array uniqueItems: true hour_of_day: description: |- Time of day when backup is taken format: int64 maximum: 23 minimum: 0 title: |- Time of day when backup is taken type: integer minute_of_day: description: |- Time of day when backup is taken format: int64 maximum: 59 minimum: 0 title: |- Time of day when backup is taken type: integer required: - days_of_week - minute_of_day - hour_of_day type: object x-vmw-nsx-module: BackupConfiguration description: |- Schedule to specify day of the week and time to take automated backup title: |- Schedule to specify day of the week and time to take automated backup x-vmw-nsx-module: BackupConfiguration WidgetConfiguration: allOf: - $ref: '#/definitions/ManagedResource' - discriminator: resource_type properties: condition: description: |- If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally. maxLength: 1024 title: |- Expression for evaluating condition type: string datasources: description: |- The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API. items: $ref: '#/definitions/Datasource' minItems: 0 title: |- Array of Datasource Instances with their relative urls type: array default_filter_value: description: |- Default filter values to be passed to datasources. This will be used when the report is requested without filter values. items: $ref: '#/definitions/DefaultFilterValue' title: |- Default filter value to be passed to datasources type: array display_name: description: |- Title of the widget. If display_name is omitted, the widget will be shown without a title. maxLength: 255 title: |- Widget Title type: string drilldown_id: description: |- Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget. maxLength: 255 title: |- Id of drilldown widget type: string feature_set: $ref: '#/definitions/FeatureSet' filter: description: |- Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property. title: |- Id of filter widget for subscription type: string x-deprecated: true filter_value_required: default: true description: |- Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory. title: |- Flag to indicate if filter value is necessary type: boolean filters: description: |- A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget. items: type: string title: |- A List of filter ids applied to this widget configuration type: array footer: $ref: '#/definitions/Footer' icons: description: |- Icons to be applied at dashboard for widgets and UI elements. items: $ref: '#/definitions/Icon' title: |- Icons type: array is_drilldown: default: false description: |- Set to true if this widget should be used as a drilldown. title: |- Set as a drilldown widget type: boolean legend: $ref: '#/definitions/Legend' plot_configs: description: |- List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here. items: $ref: '#/definitions/WidgetPlotConfiguration' title: |- List of plotting configuration for a given widget. type: array resource_type: description: |- Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration. enum: - LabelValueConfiguration - DonutConfiguration - MultiWidgetConfiguration - ContainerConfiguration - StatsConfiguration - GridConfiguration - GraphConfiguration - CustomWidgetConfiguration - CustomFilterWidgetConfiguration - TimeRangeDropdownFilterWidgetConfiguration - DropdownFilterWidgetConfiguration - SpacerWidgetConfiguration - LegendWidgetConfiguration maxLength: 255 readOnly: true title: |- Widget visualization type type: string rowspan: description: |- Represents the vertical span of the widget / container. 1 Row span is equal to 20px. format: int32 minimum: 1 title: |- Vertical span type: integer shared: description: |- Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users. title: |- Visiblity of widgets to other users type: boolean x-deprecated: true show_header: description: |- If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header. title: |- This decides to show the container header or not. type: boolean span: description: |- Represents the horizontal span of the widget / container. format: int32 maximum: 12 minimum: 1 title: |- Horizontal span type: integer weight: description: |- Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details. format: int32 title: |- Weightage or placement of the widget or container type: integer x-deprecated: true required: - resource_type type: object x-vmw-nsx-module: NsxDashboard description: |- Describes the configuration of a widget to be displayed on the dashboard. WidgetConfiguration is a base type that provides attributes of a widget in-general. title: |- Dashboard Widget Configuration x-vmw-nsx-module: NsxDashboard WidgetConfigurationList: description: |- Represents a list of widget configurations. properties: widgetconfigurations: description: |- Array of widget configurations items: $ref: '#/definitions/WidgetConfiguration' readOnly: true title: |- Array of widget configurations type: array title: |- List of Widget Configurations type: object x-vmw-nsx-module: NsxDashboard WidgetItem: description: |- Represents a reference to a widget that is held by a container or a multi-widget or a View. properties: alignment: default: LEFT description: |- Aligns widget either left or right. enum: - LEFT - RIGHT title: |- Alignment of widget inside container type: string label: $ref: '#/definitions/Label' rowspan: description: |- Represents the vertical span of the widget / container format: int32 minimum: 1 title: |- Vertical span type: integer separator: default: false description: |- If true, separates this widget in a container. title: |- A separator after this widget type: boolean span: description: |- Represents the horizontal span of the widget / container. format: int32 maximum: 12 minimum: 1 title: |- Horizontal span type: integer weight: default: 10000 description: |- Determines placement of widget or container relative to other widgets and containers. The lower the weight, the higher it is in the placement order. format: int32 title: |- Weightage or placement of the widget or container type: integer widget_id: description: |- Id of the widget configuration that is held by a multi-widget or a container or a view. maxLength: 255 title: |- Id of the widget configuration type: string required: - widget_id title: |- Widget held by MultiWidgetConfiguration or Container or a View type: object x-vmw-nsx-module: NsxDashboard WidgetPlotConfiguration: description: |- Base type for widget plot config. properties: allow_maximize: description: |- Allow maximize capability for this widget title: |- Allow maximize capability for this widget type: boolean condition: description: |- If the condition is met then the given chart config is applied to the widget configuration. maxLength: 1024 title: |- Expression for evaluating condition for this chart config type: string title: |- Base type for widget plot config type: object x-vmw-nsx-module: NsxDashboard X509Certificate: properties: dsa_public_key_g: description: |- One of the DSA cryptogaphic algorithm's strength parameters, base. readOnly: true type: string dsa_public_key_p: description: |- One of the DSA cryptogaphic algorithm's strength parameters, prime. readOnly: true type: string dsa_public_key_q: description: |- One of the DSA cryptogaphic algorithm's strength parameters, sub-prime. readOnly: true type: string dsa_public_key_y: description: |- One of the DSA cryptogaphic algorithm's strength parameters. readOnly: true type: string ecdsa_curve_name: description: |- The Curve name for the ECDSA certificate. readOnly: true title: |- ECDSA Curve Name type: string ecdsa_ec_field: description: |- Represents an elliptic curve (EC) finite field in ECDSA. enum: - F2M - FP readOnly: true title: |- ECDSA Elliptic Curve Finite Field type: string ecdsa_ec_field_f2mks: description: |- The order of the middle term(s) of the reduction polynomial in elliptic curve (EC) | characteristic 2 finite field.| Contents of this array are copied to protect against subsequent modification in ECDSA. items: format: int64 type: integer readOnly: true title: |- ECDSA Elliptic Curve F2MKS type: array ecdsa_ec_field_f2mm: description: |- The first coefficient of this elliptic curve in elliptic curve (EC) | characteristic 2 finite field for ECDSA. format: int64 readOnly: true title: |- ECDSA Elliptic Curve F2MM type: integer ecdsa_ec_field_f2mrp: description: |- The value whose i-th bit corresponds to the i-th coefficient of the reduction polynomial | in elliptic curve (EC) characteristic 2 finite field for ECDSA. readOnly: true title: |- ECDSA Elliptic Curve F2MRP type: string ecdsa_ec_field_f2pp: description: |- The specified prime for the elliptic curve prime finite field in ECDSA. readOnly: true title: |- ECDSA Elliptic Curve F2PP type: string ecdsa_public_key_a: description: |- The first coefficient of this elliptic curve in ECDSA. readOnly: true title: |- ECDSA Elliptic Curve Public Key A type: string ecdsa_public_key_b: description: |- The second coefficient of this elliptic curve in ECDSA. readOnly: true title: |- ECDSA Elliptic Curve Public Key B type: string ecdsa_public_key_cofactor: description: |- The co-factor in ECDSA. format: int64 readOnly: true title: |- ECDSA Elliptic Curve Public Key Cofactor type: integer ecdsa_public_key_generator_x: description: |- X co-ordinate of G (the generator which is also known as the base point) in ECDSA. readOnly: true title: |- ECDSA Elliptic Curve Public Key X type: string ecdsa_public_key_generator_y: description: |- Y co-ordinate of G (the generator which is also known as the base point) in ECDSA. readOnly: true title: |- ECDSA Elliptic Curve Public Key Y type: string ecdsa_public_key_order: description: |- The order of generator G in ECDSA. readOnly: true title: |- ECDSA Elliptic Curve Public Key Order type: string ecdsa_public_key_seed: description: |- The bytes used during curve generation for later validation in ECDSA.| Contents of this array are copied to protect against subsequent modification. items: type: string readOnly: true title: |- ECDSA Elliptic Curve Public Key Seed type: array is_ca: description: |- True if this is a CA certificate. readOnly: true type: boolean is_valid: description: |- True if this certificate is valid. readOnly: true type: boolean issuer: description: |- The certificate issuers complete distinguished name. readOnly: true type: string issuer_cn: description: |- The certificate issuer's common name. readOnly: true type: string not_after: description: |- The time in epoch milliseconds at which the certificate becomes invalid. format: int64 readOnly: true type: integer not_before: description: |- The time in epoch milliseconds at which the certificate becomes valid. format: int64 readOnly: true type: integer public_key_algo: description: |- Cryptographic algorithm used by the public key for data encryption. readOnly: true title: |- Public Key Algorithm type: string public_key_length: description: |- Size measured in bits of the public/private keys used in a cryptographic algorithm. format: int64 readOnly: true type: integer rsa_public_key_exponent: description: |- An RSA public key is made up of the modulus and the public exponent. Exponent is a power number. readOnly: true type: string rsa_public_key_modulus: description: |- An RSA public key is made up of the modulus and the public exponent. Modulus is wrap around number. readOnly: true type: string serial_number: description: |- Certificate's serial number. readOnly: true type: string signature: description: |- The signature value(the raw signature bits) used for signing and validate the cert. readOnly: true type: string signature_algorithm: description: |- The algorithm used by the Certificate Authority to sign the certificate. readOnly: true type: string subject: description: |- The certificate owners complete distinguished name. readOnly: true type: string subject_cn: description: |- The certificate owner's common name. readOnly: true type: string version: description: |- Certificate version (default v1). readOnly: true type: string type: object x-vmw-nsx-module: CertificateManager X509Crl: description: |- A CRL is a time-stamped list identifying revoked certificates. properties: crl_entries: description: |- List of X509CrlEntry. items: $ref: '#/definitions/X509CrlEntry' readOnly: true type: array issuer: description: |- Issuer's distinguished name. (DN) readOnly: true type: string next_update: description: |- Next update time for the CRL. readOnly: true type: string version: description: |- CRL's version number either 1 or 2. readOnly: true type: string title: |- A CRL is a time-stamped list identifying revoked certificates. type: object x-vmw-nsx-module: CertificateManager X509CrlEntry: description: |- Each revoked certificate is identified in a CRL by its certificate serial number. properties: revocation_date: description: |- Revocation date. readOnly: true type: string serial_number: description: |- The revoked certificate's serial number. readOnly: true type: string title: |- Each revoked certificate is identified in a CRL by its certificate serial number. type: object x-vmw-nsx-module: CertificateManager parameters: {} responses: BadGateway: description: Bad Gateway schema: $ref: '#/definitions/ApiError' BadRequest: description: Bad Request schema: $ref: '#/definitions/ApiError' BandwidthLimitExceeded: description: Bandwidth Limit Exceeded schema: $ref: '#/definitions/ApiError' BlockedbyWindowsParentalControls: description: Blocked by Windows Parental Controls schema: $ref: '#/definitions/ApiError' ClientClosedRequest: description: Client Closed Request schema: $ref: '#/definitions/ApiError' Conflict: description: Conflict schema: $ref: '#/definitions/ApiError' EnhanceYourCalm: description: Enhance Your Calm schema: $ref: '#/definitions/ApiError' ExpectationFailed: description: Expectation Failed schema: $ref: '#/definitions/ApiError' FailedDependency: description: Failed Dependency schema: $ref: '#/definitions/ApiError' Forbidden: description: Forbidden schema: $ref: '#/definitions/ApiError' GatewayTimeout: description: Gateway Timeout schema: $ref: '#/definitions/ApiError' Gone: description: Gone schema: $ref: '#/definitions/ApiError' HTTPVersionNotSupported: description: HTTP Version Not Supported schema: $ref: '#/definitions/ApiError' Iamateapot: description: I am a teapot schema: $ref: '#/definitions/ApiError' InsufficientStorage: description: Insufficient Storage schema: $ref: '#/definitions/ApiError' InternalServerError: description: Internal Server Error schema: $ref: '#/definitions/ApiError' LengthRequired: description: Length Required schema: $ref: '#/definitions/ApiError' Locked: description: Locked schema: $ref: '#/definitions/ApiError' LoopDetected: description: Loop Detected schema: $ref: '#/definitions/ApiError' MethodNotAllowed: description: Method Not Allowed schema: $ref: '#/definitions/ApiError' NetworkAuthenticationRequired: description: Network Authentication Required schema: $ref: '#/definitions/ApiError' NoResponse: description: No Response schema: $ref: '#/definitions/ApiError' NotAcceptable: description: Not Acceptable schema: $ref: '#/definitions/ApiError' NotExtended: description: Not Extended schema: $ref: '#/definitions/ApiError' NotFound: description: Not Found schema: $ref: '#/definitions/ApiError' NotImplemented: description: Not Implemented schema: $ref: '#/definitions/ApiError' PaymentRequired: description: Payment Required schema: $ref: '#/definitions/ApiError' PreconditionFailed: description: Precondition Failed schema: $ref: '#/definitions/ApiError' PreconditionRequired: description: Precondition Required schema: $ref: '#/definitions/ApiError' ProxyAuthenticationRequired: description: Proxy Authentication Required schema: $ref: '#/definitions/ApiError' Request-URITooLong: description: Request-URI Too Long schema: $ref: '#/definitions/ApiError' RequestEntityTooLarge: description: Request Entity Too Large schema: $ref: '#/definitions/ApiError' RequestHeaderFieldsTooLarge: description: Request Header Fields Too Large schema: $ref: '#/definitions/ApiError' RequestTimeout: description: Request Timeout schema: $ref: '#/definitions/ApiError' RequestedRangeNotSatisfiable: description: Requested Range Not Satisfiable schema: $ref: '#/definitions/ApiError' ReservedforWebDAV: description: Reserved for WebDAV schema: $ref: '#/definitions/ApiError' RetryWith: description: Retry With schema: $ref: '#/definitions/ApiError' ServiceUnavailable: description: Service Unavailable schema: $ref: '#/definitions/ApiError' TooManyRequests: description: Too Many Requests schema: $ref: '#/definitions/ApiError' Unauthorized: description: Unauthorized schema: $ref: '#/definitions/ApiError' UnavailableForLegalReasons: description: Unavailable For Legal Reasons schema: $ref: '#/definitions/ApiError' UnprocessableEntity: description: Unprocessable Entity schema: $ref: '#/definitions/ApiError' UnsupportedMediaType: description: Unsupported Media Type schema: $ref: '#/definitions/ApiError' UpgradeRequired: description: Upgrade Required schema: $ref: '#/definitions/ApiError' VariantAlsoNegotiates: description: Variant Also Negotiates schema: $ref: '#/definitions/ApiError' tags: - name: Tier-0 Locale Services - name: Alb Waf Profiles - name: Port Mirroring - name: Gateway Firewall - name: Cluster Config - name: Deployments - name: BGP - name: Session Timer Profiles - name: NAT - name: Certificates - name: Nodes - name: Segment Security Profile Binding - name: Static Routes - name: Alb Controller Version - name: Tls Rules - name: Firewall Configuration - name: Compliance - name: Realized State - name: Kubernetes - name: Rules - name: Alb Server Auto Scale Policies - name: Interfaces - name: Spoofguard Profiles - name: DNS Security Profile Bindings - name: Ldap-Server - name: Alb Application Profiles - name: Backup Restore Management - name: Bridge Endpoints - name: API Request Batching - name: Container Cluster - name: Directory Service - name: Services - name: Load Balancer Monitor Profiles - name: Traceflow - name: OSPF - name: Alb Waf Policies - name: Tls State - name: Task - name: Roles - name: Alb Protocol Parsers - name: Virtual Machines - name: Intrusion Services - name: Metadata Proxy - name: Static MIME Content - name: Access Token - name: Alb Sso Policies - name: Tls Inspection - name: Cluster - name: Segments Bindings (Fixed) - name: Service Segments - name: EVPN VNI Pools - name: Discovery Profile Binding - name: Alb Network Security Policies - name: Ports - name: Signatures - name: Flood Protection Profile Binding - name: Alb Webhooks - name: Labels - name: Load Balancer Application Profiles - name: Security Profiles - name: Coordinator - name: Load Balancer Profiles - name: Alb Auto Scale Launch Configs - name: Migration - name: Service Chains - name: Event-Log-Server - name: Check - name: Error Resolver - name: DNS Zones - name: Statistics - name: Networking - name: Fabric - name: Session Timer Profile Binding - name: Alb Pki Profiles - name: Global Managers - name: Context Profiles - name: Tier-1 Locale Services - name: Flood Protection Profiles - name: Alb Auth Profiles - name: Tier-0 Gateways - name: Platform - name: Alb L4 Policy Sets - name: Heatmap - name: Inventory - name: IP Blocks - name: Forwarding Table - name: Host Agent - name: API Services - name: Form Factors - name: Federation Configuration - name: NSX Advanced Load Balancer - name: Load Balancer Persistence Profiles - name: Usage - name: DHCP Static Bindings - name: Group Members - name: Network Services - name: Versions - name: Infra - name: VIDM Configuration - name: Task Management - name: NSX Partial Patch - name: Service Insertion - name: Firewall Identity Store - name: Configuration - name: DAD State - name: BFD Profiles - name: Alb Error Page Bodies - name: Registry - name: User Management - name: Capacity Dashboard - name: Alb Network Profiles - name: Alb Pool Groups - name: Settings - name: Load Balancer SSL Profiles - name: EVPN Configuration - name: UI Views - name: Upload - name: Profiles - name: QOS Profiles - name: Alb Pools - name: MAC Table - name: Security - name: LDAP Identity Sources - name: Distributed Firewall Settings - name: Widget Configuration - name: System Health Agent - name: Finetuning - name: Domain - name: Tls Profiles - name: Load Balancer Services - name: State - name: LDAP Servers - name: Kubeconfig - name: Identity Firewall Settings - name: Service Definitions - name: Transport Nodes - name: Storageclass - name: MAC Discovery Profiles - name: Cpu Memory Thresholds Profiles - name: Session Timer Profile Bindings - name: Upgrade - name: Monitoring - name: System Administration - name: Drafts - name: Controller - name: Alb Auth Token - name: Community Lists - name: Alb Virtual Services - name: Advanced Load Balancing - name: Segments Bindings - name: Firewall IPFIX Profiles - name: Domain Deployment Maps - name: EVPN Setting - name: Local Endpoints - name: ARP Table - name: IP Discovery Profiles - name: Config - name: Observability - name: Authorization - name: NSX Managers - name: Status - name: Segments (Fixed) - name: Alb Health Monitors - name: Service Instances - name: Partner Services - name: Tags - name: Tls Config - name: NVDS - name: DNS Security Profiles - name: Bundle - name: Endpoint Protection - name: Security Profile Binding - name: Connectivity - name: Alb Hardware Security Module Groups - name: Networking Profiles - name: Search API - name: Groups - name: IKE Profiles - name: Virtual Endpoints - name: CSR - name: Redirection Policies - name: Alb Application Persistence Profiles - name: IPSEC - name: DHCP Server Configs - name: Manager IP Pools - name: Search - name: Alb Traffic Clone Profiles - name: Url Categorization - name: DHCP Relay Configs - name: Tier-1 Gateways - name: Transport Zone Profiles - name: NSX Application Platform - name: Antrea - name: Appliance - name: Forwarding Policies - name: L2VPN - name: Alb IP Addr Groups - name: Alb DNS Policies - name: TEP Table - name: DNS - name: Load Balancer Pools - name: Gateway Firewall Groups - name: Lifecycle Management - name: Communication Maps - name: Backup - name: System Health - name: Alb Onboarding Workflow - name: Constraints - name: LLDP - name: Reactions - name: Host Transport Node Profiles - name: Load Balancer Usage - name: IP Management - name: ARP Proxies - name: IPFIX - name: Alb String Groups - name: Alb HTTP Policy Sets - name: Dashboards - name: DHCP Leases - name: Load Balancer SSL Ciphers And Protocols - name: Cluster Control Planes - name: Alb Priority Labels - name: IPV6 DAD Profiles - name: DHCP - name: Segment Profiles - name: Route Maps - name: Routing - name: Transport Node Collections - name: Latency - name: Alb Waf Policy Psm Groups - name: Hostswitch Profiles - name: Container - name: Gateway QOS Profiles - name: Service References - name: EVPN Tunnel Endpoints - name: Segments - name: Alb Error Page Profiles - name: IPV6 NDRA Profiles - name: Sites - name: Distributed IDS - name: Certification Revocation List - name: Policy - name: Alb SSL Profiles - name: Switch IPFIX Profiles - name: Configuration Status - name: L7 Access Profiles - name: Manager Configuration - name: Load Balancing - name: Profile - name: Exclusion List - name: Federation - name: Remote-Mac - name: Sessions - name: Firewall Scheduler - name: Prefix List - name: Alb Pool Group Deployment Policies - name: Full Synchronization - name: Static Routes BFD Peers - name: Alb Analytics Profiles - name: DPD Profiles - name: Deployment - name: North South Security - name: VPN - name: Global Gateway Configuration - name: Load Balancer Virtual Servers - name: Alb Waf Crs - name: Distributed Firewall - name: Alb Vs Data Script Sets - name: Deployment Zones - name: Alb Security Policies - name: QOS Profile Binding - name: Switch IPFIX Collectors - name: Alb Vs Vips - name: Routing Table - name: Monitoring Profile Binding - name: Multicast - name: Summary - name: Multicast Profiles - name: Domains - name: Firewall IPFIX Collectors - name: DNS Forwarder - name: Tier-0 Deployment Maps - name: Livetrace - name: Segment Security Profiles - name: Users - name: East West Security - name: Restore - name: Security Configuration - name: IP Pools - name: Load Balancer Server SSL Profiles - name: Tools - name: IPSEC Profiles - name: Enablement - name: Vm - name: Hierarchical API - name: Edge Bridge Profiles - name: IP Address Pools - name: Object Permissions - name: Alb SSL Key And Certificates - name: Inter-Sites - name: Licenses - name: EVPN Tenant Configuration - name: Load Balancer Client SSL Profiles - name: Enforcement Points - name: Dashboard