| API Description | API Path |
|---|---|
Read infraRead infra. Returns only the infra related properties. Inner object are not populated. |
GET /global-manager/api/v1/global-infra
|
Update the infra including all the nested entitiesPatch API at infra level can be used in two flavours 1. Like a regular API to update Infra object 2. Hierarchical API: To create/update/delete entire or part of intent hierarchy Hierarchical API: Provides users a way to create entire or part of intent in single API invocation. Input is expressed in a tree format. Each node in tree can have multiple children of different types. System will resolve the dependecies of nodes within the intent tree and will create the model. Children for any node can be specified using ChildResourceReference or ChildPolicyConfigResource. If a resource is specified using ChildResourceReference then it will not be updated only its children will be updated. If Object is specified using ChildPolicyConfigResource, object along with its children will be updated. Hierarchical API can also be used to delete any sub-branch of entire tree. |
PATCH /global-manager/api/v1/global-infra
|
Update the infra objectUpdates only the single infra object. This does not allow hierarchical updates of entities. |
PUT /global-manager/api/v1/global-infra
|
Return All the User-Facing Components' CertificatesReturns all certificate information viewable by the user, including each certificate's id; resource_type (for example, certificate_self_signed, certificate_ca, or certificate_signed); pem_encoded data; and history of the certificate (who created or modified it and when). For additional information, include the ?details=true modifier at the end of the request URI. |
GET /global-manager/api/v1/global-infra/certificates
|
Delete Certificate for the Given Certificate IDRemoves the specified certificate. The private key associated with the certificate is also deleted. |
DELETE /global-manager/api/v1/global-infra/certificates/<certificate-id>
|
Show Certificate Data for the Given Certificate IDReturns information for the specified certificate ID, including the certificate's id; resource_type (for example, certificate_self_signed, certificate_ca, or certificate_signed); pem_encoded data; and history of the certificate (who created or modified it and when). For additional information, include the ?details=true modifier at the end of the request URI. |
GET /global-manager/api/v1/global-infra/certificates/<certificate-id>
|
Add a New CertificateAdds a new private-public certificate and, optionally, a private key that can be applied to one of the user-facing components (appliance management or edge). The certificate and the key should be stored in PEM format. If no private key is provided, the certificate is used as a client certificate in the trust store. A certificate chain will not be expanded into separate certificate instances for reference, but would be pushed to the enforcement point as a single certificate. This patch method does not modify an existing certificate. |
PATCH /global-manager/api/v1/global-infra/certificates/<certificate-id>
|
Add a New CertificateAdds a new private-public certificate and, optionally, a private key that can be applied to one of the user-facing components (appliance management or edge). The certificate and the key should be stored in PEM format. If no private key is provided, the certificate is used as a client certificate in the trust store. A certificate chain will not be expanded into separate certificate instances for reference, but would be pushed to the enforcement point as a single certificate. |
PUT /global-manager/api/v1/global-infra/certificates/<certificate-id>
|
List tenant Constraints.List tenant constraints. |
GET /global-manager/api/v1/global-infra/constraints
|
Delete tenant Constraint.Delete tenant constraint. |
DELETE /global-manager/api/v1/global-infra/constraints/<constraint-id>
|
Read tenant Constraint.Read tenant constraint. |
GET /global-manager/api/v1/global-infra/constraints/<constraint-id>
|
Create or update tenant ConstraintCreate tenant constraint if not exists, otherwise update the existing constraint. |
PATCH /global-manager/api/v1/global-infra/constraints/<constraint-id>
|
Create or update tenant ConstraintCreate tenant constraint if it does not exist, otherwise replace the existing constraint. |
PUT /global-manager/api/v1/global-infra/constraints/<constraint-id>
|
Return All Added CRLsReturns information about all CRLs. For additional information, include the ?details=true modifier at the end of the request URI. |
GET /global-manager/api/v1/global-infra/crls
|
Delete a CRLDeletes an existing CRL. |
DELETE /global-manager/api/v1/global-infra/crls/<crl-id>
|
Show CRL Data for the Given CRL id.Returns information about the specified CRL. For additional information, include the ?details=true modifier at the end of the request URI. |
GET /global-manager/api/v1/global-infra/crls/<crl-id>
|
Create or patch a Certificate Revocation ListCreate or patch a Certificate Revocation List for the given id. The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. The CRL must contain PEM data for a single CRL. |
PATCH /global-manager/api/v1/global-infra/crls/<crl-id>
|
Create a new Certificate Revocation ListAdds a new certificate revocation list (CRLs). The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. The CRL can contain a single CRL or multiple CRLs depending on the PEM data. - Single CRL: a single CRL is created with the given id. - Composite CRL: multiple CRLs are generated. Each of the CRL is created with an id generated based on the given id. First CRL is created with crl-id, second with crl-id-1, third with crl-id-2, etc. |
POST /global-manager/api/v1/global-infra/crls/<crl-id>?action=import
|
Create or fully replace a Certificate Revocation ListCreate or replace a Certificate Revocation List for the given id. The CRL is used to verify the client certificate status against the revocation lists published by the CA. For this reason, the administrator needs to add the CRL in certificate repository as well. The CRL must contain PEM data for a single CRL. Revision is required. |
PUT /global-manager/api/v1/global-infra/crls/<crl-id>
|
List domains for infraPaginated list of all domains for infra. |
GET /global-manager/api/v1/global-infra/domains
|
Delete Domain and all the entities contained by this domainDelete the domain along with all the entities contained by this domain. The groups that are a part of this domain are also deleted along with the domain. |
DELETE /global-manager/api/v1/global-infra/domains/<domain-id>
|
Read domainRead a domain. |
GET /global-manager/api/v1/global-infra/domains/<domain-id>
|
Patch a domainIf a domain with the domain-id is not already present, create a new domain. If it already exists, patch the domain |
PATCH /global-manager/api/v1/global-infra/domains/<domain-id>
|
Create or update a domainIf a domain with the domain-id is not already present, create a new domain. If it already exists, update the domain including the nested groups. This is a full replace |
PUT /global-manager/api/v1/global-infra/domains/<domain-id>
|
List Domain Deployment maps for infraPaginated list of all Domain Deployment Entries for infra. |
GET /global-manager/api/v1/global-infra/domains/<domain-id>/domain-deployment-maps
|
Delete Domain Deployment MapDelete Domain Deployment Map |
DELETE /global-manager/api/v1/global-infra/domains/<domain-id>/domain-deployment-maps/<domain-deployment-map-id>
|
Read a DomainDeploymentMapRead a Domain Deployment Map |
GET /global-manager/api/v1/global-infra/domains/<domain-id>/domain-deployment-maps/<domain-deployment-map-id>
|
Patch Domain Deployment Map under infraIf the passed Domain Deployment Map does not already exist, create a new Domain Deployment Map. If it already exist, patch it. |
PATCH /global-manager/api/v1/global-infra/domains/<domain-id>/domain-deployment-maps/<domain-deployment-map-id>
|
Create a new Domain Deployment Map under infraIf the passed Domain Deployment Map does not already exist, create a new Domain Deployment Map. If it already exist, replace it. |
PUT /global-manager/api/v1/global-infra/domains/<domain-id>/domain-deployment-maps/<domain-deployment-map-id>
|
Read Global Manager config along with sensitive dataRead a Global Manager config along with sensitive data. For example - rtep_config.ibgp_password |
GET /global-manager/api/v1/global-infra/global-manager-config?action=show-sensitive-data
|
Create or patch Global Manager ConfigCreate or patch a Global Manager Config |
PATCH /global-manager/api/v1/global-infra/global-manager-config
|
Create or fully replace Global Manager ConfigCreate or fully replace a Global Manager Config. Revision is optional for creation and required for update. |
PUT /global-manager/api/v1/global-infra/global-manager-config
|
List labels for infraPaginated list of all labels for infra. |
GET /global-manager/api/v1/global-infra/labels
|
Delete PolicyLabel objectDelete PolicyLabel object |
DELETE /global-manager/api/v1/global-infra/labels/<label-id>
|
Read lableRead a label. |
GET /global-manager/api/v1/global-infra/labels/<label-id>
|
Patch an existing label objectCreate label if not exists, otherwise take the partial updates. Note, once the label is created type attribute can not be changed. |
PATCH /global-manager/api/v1/global-infra/labels/<label-id>
|
Create or replace labelCreate label if not exists, otherwise replaces the existing label. If label already exists then type attribute cannot be changed. |
PUT /global-manager/api/v1/global-infra/labels/<label-id>
|
List All alarms in the systemPaginated list of all alarms. |
GET /global-manager/api/v1/global-infra/realized-state/alarms
|
Get list of realized objects associated with intent objectGet list of realized entities associated with intent object, specified by path in query parameter |
GET /global-manager/api/v1/global-infra/realized-state/realized-entities
|
Refresh all realized entities associated with the intent-pathRefresh the status and statistics of all realized entities associated with given intent path synchronously. The vmw-async: True HTTP header cannot be used with this API. |
POST /global-manager/api/v1/global-infra/realized-state/realized-entity?action=refresh
|
Get consolidated status of an intent objectGet Consolidated Status of an intent object (with or without enforcement specific status details). The request is evaluated as follows: - enforcement point specific details. - the given intent with enforcement point specific details. |
GET /global-manager/api/v1/global-infra/realized-state/status
|
List SitesList Sites under Infra. |
GET /global-manager/api/v1/global-infra/sites
|
Read a siteRead a site under Infra. |
GET /global-manager/api/v1/global-infra/sites/<site-id>
|
List enforcementpoints under SitePaginated list of all enforcementpoints under Site. |
GET /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points
|
Full sync EnforcementPoint from SiteFull sync EnforcementPoint from Site |
POST /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcement-point-id>?action=full-sync
|
Delete EnforcementPoint from SiteDelete EnforcementPoint from Site |
DELETE /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>
|
Read an Enforcement Point under Infra/SiteRead an Enforcement Point under Infra/Site |
GET /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>
|
Patch a new Enforcement Point under SiteIf the passed Enforcement Point does not already exist, create a new Enforcement Point. If it already exists, patch it. |
PATCH /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>
|
Reload an Enforcement Point under SiteReload an Enforcement Point under Site. This will read and update fabric configs from enforcement point. |
POST /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>?action=reload
|
Create/update a new Enforcement Point under SiteIf the passed Enforcement Point does not already exist, create a new Enforcement Point. If it already exists, replace it. |
PUT /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>
|
List Edge Clusters under an Enforcement PointPaginated list of all Edge Clusters under an Enforcement Point |
GET /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/edge-clusters
|
Read a Edge Cluster under an Enforcement PointRead a Edge Cluster under an Enforcement Point |
GET /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/edge-clusters/<edge-cluster-id>
|
List Edge Nodes under an Enforcement Point, Edge ClusterPaginated list of all Edge Nodes under an Enforcement Point, Edge Cluster |
GET /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/edge-clusters/<edge-cluster-id>/edge-nodes
|
Read a Edge Node under an Enforcement Point, Edge ClusterRead a Edge Node under an Enforcement Point, Edge Cluster |
GET /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/edge-clusters/<edge-cluster-id>/edge-nodes/<edge-node-id>
|
List Transport Zones under an Enforcement PointPaginated list of all Transport Zones under an Enforcement Point |
GET /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/transport-zones
|
Read a Transport Zone under an Enforcement PointRead a Transport Zone under an Enforcement Point |
GET /global-manager/api/v1/global-infra/sites/<site-id>/enforcement-points/<enforcementpoint-id>/transport-zones/<transport-zone-id>
|