ServiceDefinition (schema)

Definition of a Service.

Registering a Service is the first step in the ServiceInsertion mechanism. A ServiceDefinition is used to create a service.

Name Description Type Notes

_create_time Timestamp of resource creation EpochMsTimestamp Readonly
Sortable

_create_user ID of the user who created this resource string Readonly

_last_modified_time Timestamp of last modification EpochMsTimestamp Readonly
Sortable

_last_modified_user ID of the user who last modified this resource string Readonly

_links References related to this resource

The server will populate this field when returing the resource. Ignored on PUT and POST. array of ResourceLink Readonly

_protection Indicates protection status of this resource

Protection status is one of the following:
PROTECTED - the client who retrieved the entity is not allowed
to modify it.
NOT_PROTECTED - the client who retrieved the entity is allowed
to modify it
REQUIRE_OVERRIDE - the client who retrieved the entity is a super
user and can modify it, but only when providing
the request header X-Allow-Overwrite=true.
UNKNOWN - the _protection field could not be determined for this
entity.
string Readonly

_revision Generation of this resource config

The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. int

_schema Schema for this resource string Readonly

_self Link to this resource SelfResourceLink Readonly

_system_owned Indicates system owned resource boolean Readonly

attachment_point Attachment Point

The point at which the service is deployed/attached for redirecting the traffic to the the partner appliance. Attachment Point is required if Service caters to any functionality other than EPP and MPS. array of string Enum: TIER0_LR, TIER1_LR, SERVICE_PLANE
Minimum items: 0
Maximum items: 2

description Description of this resource string Maximum length: 1024
Sortable

display_name Identifier to use when displaying entity in logs or GUI

Defaults to ID if not set string Maximum length: 255
Sortable

functionalities Functionality Type

The capabilities provided by the services. Needs to be one or more of the following | NG_FW - Next Generation Firewall | IDS_IPS - Intrusion Detection System / Intrusion Prevention System | NET_MON - Network Monitoring | HCX - Hybrid Cloud Exchange | BYOD - Bring Your Own Device | TLB - Transparent Load Balancer | EPP - Endpoint Protection.(Third party AntiVirus partners using NXGI should use this functionality for the service) | MPS - Malware Prevention Solution array of string Required
Enum: NG_FW, IDS_IPS, NET_MON, HCX, BYOD, EPP, TLB, MPS
Minimum items: 1

id Unique identifier of this resource string Sortable

implementations Implementation Type

This indicates the insertion point of the service i.e whether the service will be used to protect North-South or East-West traffic in the datacenter. array of string Required
Enum: NORTH_SOUTH, EAST_WEST
Minimum items: 1
Maximum items: 1

on_failure_policy On Failure Policy

Failure policy for the service tells datapath, the action to take i.e to Allow or Block traffic during failure scenarios. For north-south ServiceInsertion, failure policy in the service instance takes precedence. For east-west ServiceInsertion, failure policy in the service chain takes precedence. BLOCK is not supported for Endpoint protection (EPP) and MPS functionality. string Enum: ALLOW, BLOCK
Default: "ALLOW"

resource_type Must be set to the value ServiceDefinition string

service_capability Service capability

Service capability. ServiceCapability

service_deployment_spec Service Deployment Specification

Service Deployment Specification defines takes in information required to deploy and configure a partner appliance/service-vm. ServiceDeploymentSpec

service_manager_id Service Manager Id

ID of the service manager to which this service is attached with.
This field is not set during creation of service. This field will
be set explicitly when Service Manager is created successfully using this service.
string Readonly

tags Opaque identifiers meaningful to the API user array of Tag Maximum items: 30

transports Transport Type

Transport Type of the service, which is the mechanism of redirecting the traffic to the the partner appliance. Transport type is required if Service caters to any functionality other than EPP and MPS. array of string Enum: L2_BRIDGE, L3_ROUTED, NSH
Minimum items: 0
Maximum items: 1

vendor_id Vendor ID

Id which is unique to a vendor or partner for which the service is created. string Required

Name	Description	Type	Notes
_create_time	Timestamp of resource creation	EpochMsTimestamp	Readonly Sortable
_create_user	ID of the user who created this resource	string	Readonly
_last_modified_time	Timestamp of last modification	EpochMsTimestamp	Readonly Sortable
_last_modified_user	ID of the user who last modified this resource	string	Readonly
_links	References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST.	array of ResourceLink	Readonly
_protection	Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.	string	Readonly
_revision	Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.	int
_schema	Schema for this resource	string	Readonly
_self	Link to this resource	SelfResourceLink	Readonly
_system_owned	Indicates system owned resource	boolean	Readonly
attachment_point	Attachment Point The point at which the service is deployed/attached for redirecting the traffic to the the partner appliance. Attachment Point is required if Service caters to any functionality other than EPP and MPS.	array of string	Enum: TIER0_LR, TIER1_LR, SERVICE_PLANE Minimum items: 0 Maximum items: 2
description	Description of this resource	string	Maximum length: 1024 Sortable
display_name	Identifier to use when displaying entity in logs or GUI Defaults to ID if not set	string	Maximum length: 255 Sortable
functionalities	Functionality Type The capabilities provided by the services. Needs to be one or more of the following \| NG_FW - Next Generation Firewall \| IDS_IPS - Intrusion Detection System / Intrusion Prevention System \| NET_MON - Network Monitoring \| HCX - Hybrid Cloud Exchange \| BYOD - Bring Your Own Device \| TLB - Transparent Load Balancer \| EPP - Endpoint Protection.(Third party AntiVirus partners using NXGI should use this functionality for the service) \| MPS - Malware Prevention Solution	array of string	Required Enum: NG_FW, IDS_IPS, NET_MON, HCX, BYOD, EPP, TLB, MPS Minimum items: 1
id	Unique identifier of this resource	string	Sortable
implementations	Implementation Type This indicates the insertion point of the service i.e whether the service will be used to protect North-South or East-West traffic in the datacenter.	array of string	Required Enum: NORTH_SOUTH, EAST_WEST Minimum items: 1 Maximum items: 1
on_failure_policy	On Failure Policy Failure policy for the service tells datapath, the action to take i.e to Allow or Block traffic during failure scenarios. For north-south ServiceInsertion, failure policy in the service instance takes precedence. For east-west ServiceInsertion, failure policy in the service chain takes precedence. BLOCK is not supported for Endpoint protection (EPP) and MPS functionality.	string	Enum: ALLOW, BLOCK Default: "ALLOW"
resource_type	Must be set to the value ServiceDefinition	string
service_capability	Service capability Service capability.	ServiceCapability
service_deployment_spec	Service Deployment Specification Service Deployment Specification defines takes in information required to deploy and configure a partner appliance/service-vm.	ServiceDeploymentSpec
service_manager_id	Service Manager Id ID of the service manager to which this service is attached with. This field is not set during creation of service. This field will be set explicitly when Service Manager is created successfully using this service.	string	Readonly
tags	Opaque identifiers meaningful to the API user	array of Tag	Maximum items: 30
transports	Transport Type Transport Type of the service, which is the mechanism of redirecting the traffic to the the partner appliance. Transport type is required if Service caters to any functionality other than EPP and MPS.	array of string	Enum: L2_BRIDGE, L3_ROUTED, NSH Minimum items: 0 Maximum items: 1
vendor_id	Vendor ID Id which is unique to a vendor or partner for which the service is created.	string	Required